Archive for the ‘Resilience’ Category

Not so basic but definitely essential.

We keep talking about new shiny, and increasingly fragile, controls that will prevent attacks or fiendishly clever algorithms or AI to which we can outsource all that hard or fast thinking we’re not good at but we are all still staring down the barrels of a loaded data breach gun waiting for it to go off. The thing is we seem to be holding that gun to our own heads and it’s not like we don’t realise. All the talk of ‘basics’, ‘essentials, ‘foundations’ points at a relatively common set of issues usually focused on some combination of the following:

  • IT Maintenance (patching, replacing end-of-life platforms, inventories, baseline builds etc),
  • Network security (internal segmentation),
  • Access Management (efficient joiners, movers, leavers processes, privileged user management)
  • Security Monitoring (effective visibility),
  • Incident Response (tested plans, exercised staff)

(more…)

Cyber Resilience: Part Six Recommended Reading

 

Here are the sources used when developing the thinking behind this blog series:

(more…)

Cyber Resilience: Part Five What next?

Cyber resistance clearly requires leadership and operational intervention from specialised cyber professionals.  However, Cyber Resilience requires a broader institutional response that encompasses all aspects of the business.  As such, it needs to be owned by the entire executive management of an organisation.

The Department encourages all institutions to view cyber security as an integral aspect of their overall risk management strategy, rather than solely as a subset of information technology.” Benjamin Lawsky, Superintendent of Financial Services, New York State Department of Financial Services, December 2014

(more…)

Cyber Resilience: Part Four Companies’ Plans Must Include Both Resistance and Resilience

Resistance to cyber attack is undoubtedly valuable and can produce effective outcomes. However, resistance is expensive and there is a law of diminishing returns on the investments made in resistance, Moreover, because the preparations and mitigations employed in resisting attacks are often specific to particular, point-in-time threats, ongoing resistance is both complex and fragile — unexpected shifts in attacker tactics can bypass existing defences and leave organisations struggling to deploy new controls at an appropriate pace. Faced with the total capabilities of nation-state attackers or state-sponsored cybercriminals, many organisations are unable to deploy effective controls quickly enough or spend enough money to completely mitigate the totality of the threats they face.

“Financial firms should assume they will be subject to destructive attacks and develop capabilities and procedures to resume operations. Financial firms also need to be ready to quickly restore computer networks and technology-enabled operations in response to known or unforeseen threats that could cause catastrophic disruption.” Financial Stability Oversight Council (FSOC) 2015 Annual Report

(more…)

Cyber Resilience: Part Three What is Cyber Resilience?

Cyber Resilience is an organisation’s preparation for business disruption caused by cyber attacks; its ability to recover from these disruptions; and its systemic capability to adapt and grow from each attack it experiences.

Cyber resilience requires that, while organisations strive to prevent incidents, they also understand their internal operating environments and digital ecosystems well enough to develop and deploy processes that:

  1. Accelerate the detection of successful attacks; and
  2. Contain and respond to identified attacks.

(more…)

Twitter RSS