security

How a cyber resiliency platform benefits business – TechRadar


Most CISOs have an 80/20 budget split between likelihood and impact mitigations as Deloitte points out in a recent global Cybersecurity (opens in new tab) survey. This report says that only 11 % of the budget go into incident response/disaster recovery and into infrastructure security (opens in new tab). Rather than the illusion of total cyber security, the focus must shift to operational cyber resiliency where organizations can effectively respond to and withstand attacks. While preventative measures are important, they’re table stakes, not the winning hand, when an organization is fighting cyber-compromises. There is a very strong case for taking a sideways look at the traditional thinking about the ‘protect / detect / respond / recover’ setup.

An abundance of technology and a lack of process

It is worth pondering for a moment on how organizations approach recovery after a ransomware (opens in new tab) attack. It’s disheartening how often the public hears about scenarios in which an organization’s response to an imaginary ransomware attack is to try to use business continuity and disaster recovery processes and technologies built for the scenarios of weather, loss of power or misconfiguration. These traditional business continuity and disaster recovery scenarios are, simply put, not suitable for cyber scenarios, where technology recovery efforts are actively targeted. Instead, organizations need to recover to first investigate how the attack manifested itself and which vulnerabilities were exploited so they are remediated while bolstering defense. Then finally all malicious artefacts of the attack need to be removed from the recovered environment. It is only then that recovered systems can be brought back into production.

Readers Also Like:  China to Build Station That Could Spy on U.S. from Cuba, Officials Say - The New York Times



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.