By Structured Staff
Does resilience planning factor into your cybersecurity strategy? If not, it should. And here’s why: While prevention is a great objective, it is increasingly difficult to defend a complex attack surface from all threats – especially the sophisticated and advanced threats we encounter today.
Instead, organizations are bolstering prevention efforts with tactics and tools that enhance resilience: the ability to quickly identify attacks, limit their damage, and recover rapidly, thereby avoiding lengthy and disruptive downtime and data loss.
To that point, MITRE released its Cyber Resiliency Engineering Framework (CREF) Navigator™, which is a free visualization tool for engineers designing cyber-resilient systems. The CREF framework, which aligns with NIST SP 800-160 standards, offers guidance along four primary principles:
- Anticipate: Maintain a state of informed preparedness.
- Withstand: Continue essential business functions through an attack.
- Recover: Restore all business functions after an attack.
- Adapt: Improve processes and business functions to better support the requirements of technical and operational environments.
There is evidence to support the notion that focusing on resilience – as opposed to prevention alone – is a sound strategy. Gartner reports that the average midsized business will experience 20 days of disruption following a successful ransomware attack. Most businesses can’t afford that. A defensive posture built on resilience, where damages are limited and recovery is swift, can help minimize the worst effects of an attack.
A cybersecurity strategy that emphasizes resilience planning will prioritize practices and policies built to secure users, devices, applications and data – regardless of where those things reside. Identity and Access Management (IAM) policies will be enforced and supported by Multifactor Authentication (MFA) tools. Data protection and recovery strategies – along with business continuity plans – will be well documented and tested. End users will receive regular awareness training so they know how to recognize phishing and other social engineering tactics. Finally, the organization will actively monitor its IT infrastructure 24x7x365, or it will outsource to a managed services provider that can.
This strategic approach garners positive results. According to Cisco’s annual “Security Outcomes Report”:
- Companies that reported implementing a mature zero-trust model saw a 30% increase in resilience score compared with those that had none.
- Having advanced extended detection and response (XDR) capabilities correlated to a 45% increase in resilience score for organizations over those that reported having no detection and response solutions.
- Converging networking and security into a mature, cloud-delivered secure access service edge (SASE) increased resiliency scores by 27%.
What would your security resilience score be? Not sure? Please get in touch with your Structured account manager today – or email email@example.com – if you’d like to make sure your organization has the people, policies, and platforms in place to limit damages from a cyberattack and bounce back stronger than before.