Cyber resilience: security for a new era

By Greg Day, vice president and chief security officer, EMEA at Palo Alto Networks and Patrick MacGloin, EMEIA Cyber Security Partner at EY

Tags: Cloud computingInternet of Things
  • E-Mail
Cyber resilience: security for a new era Greg Day, vice president and chief security officer, EMEA at Palo Alto Networks.
By  Greg Day , Patrick MacGloin Published  November 6, 2017

Today's technology-rich landscape has led to a proliferation in cybercrime, impacting society, government organisations and private companies. An interconnected world has created an ongoing series of risks including online scams, identity theft, access to computer systems and attacks on IT infrastructures.

As these threats continue to become more sophisticated, traditional cybersecurity methods are lacking effectiveness. It's no longer just the security solutions that matter, therefore companies are now looking at how implementing cyber resilience strategies can keep their defenses sharp enough to withstand an attack with minimal impact.

Traditionally, cybersecurity has been about stopping attacks from a technical aspect. Cyber resilience on the other hand takes on the matter with a more pragmatic method, and focuses on implications that threats might have from a business or societal standpoint. It includes things like taking executive staff through live real-world exercises, so that they're trained on how to respond in the event of a breach, and the types of decisions that need to be made. Or, ensuring that contingency plans are set, should systems go offline. Essentially cyber resilience is about having an end-to-end strategy to ensure that your digital dependency isn't impacted by one single incident.

Think of it like owning a home in an area that's prone to inclement weather. There's no viable way you can prevent every calamity that comes your way, so instead you place emphasis on learning to look for the signs, protect what you can, withstand and rebuild. With the level of connectivity there is around us, the sooner we recognise the need to detect and how to react effectively, the better.

Globally, efforts of making cyber resilience the norm among government factions is expected to have a ripple effect on the private sector as well. In both segments exists some powerful insights that can be used for everyone's benefit. We're not just referring to threat indicators, but also best practices. Take WannaCry for example, there are multiple ways to thwart it, the question is which has the highest rate of success, and that is where the government comes in, by inspiring us to work smarter. Whether it be through process control, business control, or decided mitigation, it's this sort of teamwork that makes for unsurpassed resilience.

A cyber resilience strategy incorporates elements of defense and prevention, but goes beyond those aspects to emphasise response and robustness in moments of crisis. For cyber resilience strategy to be successful, it includes first defining what the business risks are, developing a security policy, then a recovery plan with action points and finally testing its overall effectiveness.  

To explain further, over the last 20 years, irrespective of industry, the approach to cybersecurity was tackling it problem by problem, which is natural. It's necessary take a step back and think instead of adding to the stack, how can we consolidate that down. In the security industry, we're often so consumed with looking at the next issue, that we forget what we already have in place and its effectiveness as a cohesive solution. By having agreed upon metrics in place we can challenge ourselves to go back and conduct evaluations rather than be at the headwinds of the next attack.

Every strategy requires strong leadership at the helm for it to prevail. In the case of cyber resilience, ownership needs to be shared equally between the boardroom and IT staff. Since security teams tend to lean towards the most technical method to solve a problem, it isn't always ideal as business leads will prefer the most economically practical option. This is a space that companies are currently in - achieving a fine balance between the two and getting the right combination of people in the room to drive such conversations.

In countries like the UAE, which is set to have one of the world's smartest cities over the next few years, leaders have identified the need to protect themselves from becoming a victim of their own progression as the process of digital transformation ultimately brings about a proliferation in cyber threats.

The UAE strives to make itself a digital country, with the some of the most advanced technological infrastructure. This is recognised in UN and other comparisons. An example of this is the recent announcement of the launch of the largest solar power concentrator in the world and the current ongoing hyperloop project between Dubai and Abu Dhabi. There's more data, access points and means to connect, meaning there is a much greater surface area which can be attacked. At the same time, the volume of threats, and their sophistication is increasing. It's not just the good guys who innovate.

Plus to catch up with this paradigm can be draining, in a period where there is a global shortage of cyber security talent. At a national level, it needs coordination and cooperation. The traditional approach to security is struggling in the face of these challenges. Hence you see the UAE investing in coordinating and aligning its protection, detection and response capabilities; nationally and within industry through regulation. The progress must be applauded and supported.

With today's criminals showing no signs of letting up, it's a battle that organisations simply can't afford to fight on their own, and resilience when leveraged correctly can be just the competitive edge needed not only to level the playing field but emerge as victors.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code