
By Michael Rezek

Top four tips for developing your cyber resiliency framework

Traditional cybersecurity measures simply cannot keep up with a growing legion of adversaries attacking from all directions.

Hackers, malware, and malicious actors threaten the security of global networks, and attacks are on the rise. Businesses and organizations must begin to think differently to gain the upper hand against increasingly savvy criminals.

Cybersecurity is giving way to a new approach to protection: cyber resiliency. For too long, businesses have spent time and money creating threat detection and response solutions that are centered around building layers of protection for data, systems, and networks. While this approach has merit, it is largely a game of trying to keep up with adversaries; it is inherently reactive.

The shift to cyber resiliency empowers businesses and organizations, enabling them to prepare for, respond to and recover from cyberattacks. It also enables them to defend against and limit the severity of those attacks, while ensuring their survival despite an attack.

Developing a cyber resiliency framework takes the potency away from attackers, putting businesses and organizations in a better position in relation to threats.

Some considerations for developing a cyber resiliency framework

An unfortunate 31 percent of global organizations lost data last year because of a lack of cyber resilience preparedness, according to Mimecast’s State of Email Security Report 2020. Developing a cyber resiliency framework should be a top priority for any organization that wants to proactively defend its data and network.

The core design of an organization’s framework should be based on the assumption that criminals will eventually break through existing defenses. That means organizations need to shift their focus from attempting to keep out criminals to planning a strategy to reduce their impact.

At the same time, businesses are navigating a path through digital transformation, integrating their technologies with all aspects of business operations. By creating higher levels of integration between key business support functions and greater availability of data, organizations may ensure they are prepared to withstand any challenge, including those posed by attackers.

The essence of cyber resiliency is combining best practices from IT security, business continuity and associated support functions to put organizations in a position of strength and ensure they remain there.

IT Governance, a UK-based global provider of cyber risk and cyber resilience solutions, recommends a four-part approach when planning and developing a cyber resiliency framework.

1. Management and protection

Organizations should be able to identify, assess and manage the risks associated with network and information systems. This needs to extend across the entire supply chain and will ensure protection of information and systems from cyberattacks, system failures and unauthorized access.

This portion of the cyber resiliency framework will cover items like malware protection, identity and access control, encryption, patch management, physical and environmental security and network and communications security. It should also encompass information and security policies and a formal information security management program. This may include security staff awareness training along with team competence and routine training. It may also include asset management, supply chain risk management and systems security.

2. Identification and detection

A comprehensive cyber resilience framework will rely on continuous monitoring of network and information systems. This will be essential for detecting anomalies as well as potential cyber security incidents before they cause damage. This portion of the framework design should be all about security monitoring.

3. Response and recovery

Organizations should consider implementing an incident response management program along with safeguards to ensure business continuity. This will enable them to continue operations during and after a cyberattack, ensuring they may get back to business quickly and efficiently.

This part of the cyber resiliency framework includes incident response management, ICT continuity management, business continuity management and information sharing and collaboration.

4. Governance and assurance

The last portion of framework development will be built into the core business and managed from the top tier of the organization. This will ensure it aligns closely with broad and long-range business objectives.

Cyber resiliency planning at this stage will include a comprehensive risk assessment program, development of a continual improvement process and development of governance structure and processes. It should also encompass an internal audit and external certification and validation. Board-level commitment and involvement will be essential for success at this phase.

Most organizations would prefer to be in a position of strength if facing a cyber security breach or attack. Having a comprehensive cyber resiliency framework in place ensures they are prepared for a wide variety of incidents and can conduct business as usual while mitigating and stabilizing any impacts on networks or data. They will also be able to continuously meet regulatory and legal requirements calling for data protection, incident response management and business continuity.

Organizations will also benefit from reduced financial losses in the event of an attack while ensuring their brands and reputations are protected. A bonus of developing a cyber resiliency framework is the improvement of internal processes and better corporate culture and morale.

Learn how Accedian can help you build the right framework and functions around your cyber resiliency strategy.