written by Matthew Stern
If security were just about what to do to prevent an attack from happening, such a model would soon fail.
When security includes detecting an attack before it happens while also planning to recover from such attacks, the package is complete.
The same is true for companies and staying safe online. Even with advanced measures in cybersecurity, threat actors are still finding new ways to exploit companies. The fact that most enterprise players are not prepared for a cyber-attack shows us why the old sense of security will not stand anymore.
That is where cyber resilience comes in to bridge the remaining gaps.
What Cyber Resilience Stands For
Amid growing threats, every company needs to have a security model at hand.
What happens if there is an undiscovered flaw in the system and a hacker gets in anyway? It would be a failing on such a company's part to shut down completely to contain the threat. That could lead to the demise of the company in its entirety.
Start-ups are at a higher risk of folding after a cyber-attack. That is not due to their size, but because most do not have the right framework to mitigate (cybersecurity) and manage (cyber resilience) such situations.
Thus, cyber resilience can be defined as an entity’s ability to prevent a cyber-attack effectively, yet also to manage one when it does happen. A broader definition spells out how a cyber resilience framework excels at detecting, monitoring, controlling, defusing, and preventing threats before and after they have happened without disruption to the business’s daily operations.
The Common Threats Businesses Face Today
Compiling an exhaustive list of all the cyber threats a business faces is almost impossible. Just when we think that we have a lid on everything, hackers and threat actors find a new flaw to exploit.
However, some are more common than others. These forms of attacks have set the tone for standard cybersecurity procedures – and they will also inform your cyber resilience framework.
1 Phishing Attacks
Phishing scams are not the most successful social engineering hack for no reason.
They have been around for a long time, and hackers have perfected the art of executing them. All they have to do is pretend to be someone they are not to gain your trust. These hackers then get you to divulge sensitive information to them, which they can use to carry out advanced hacks. In this sense, sensitive info can be a password, login information, server access, etc.
2 Business Email Compromise
At the start of the year, the FBI and other affected departments reported a surge in the level of BEC attacks.
Although closely related to phishing attacks, BECs are unique in the way hackers deploy them.
Both forms of attacks are similar in that hackers have to pretend to be someone they are not to gain your trust. However, the difference is that BEC actors do not need sensitive info to advance their hack. Right from the email itself, they get their victims to perform the actions they want.
These actions could range from sharing trade secrets to wiring funds to wrong accounts, among others.
3 Password Hacks
Password hacks have also been around for a long time. Under this heading alone, we have more categories of attacks:
- Rainbow table hack
- Hybrid password attack
- Dictionary attack
- Brute force attempts, etc.
As the name implies, this is the hack where the threat actor tries to guess the victim’s password. Of course, there are millions, even billions, of possible passwords that you could be using. That is why they rely on algorithms and software to try and hack passwords.
The weaker a password is, the easier it is to hack.
Note: there is no unhackable password. The only thing you can do is make sure your password will take time to hack.
Thus, a hacker can either meet a password that they can hack in mere days – or one that will take several years to hack. It is a no-brainer that they will give up on the latter – which is why we always want you to set secure passwords.
You can use online random password generators to come up with highly secure passwords for your accounts. The passwords that you get this way will be challenging to remember, so you might want to grab a password manager to safely store all your secure logins as well.
Fortunately, some of the best password managers we have come across also have a password generator built in.
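To put numbers on the "mere days versus several years" point above, here is an added example (not part of the original article) that estimates the brute-force search time for a password and generates a random one from the operating system's secure random source. The guess rate is an assumed figure for illustration, and the sample passwords are constructed.

```python
import math
import secrets
import string

# Assumed attacker speed (guesses per second) for an offline attack on a fast
# hash. This figure is an illustrative assumption, not a measurement.
ASSUMED_GUESSES_PER_SECOND = 1e10

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def alphabet_size(password: str) -> int:
    """Size of the character pool implied by the classes the password uses."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def brute_force_bits(password: str) -> float:
    """Upper bound on entropy in bits, valid only for randomly chosen characters.
    Dictionary and hybrid attacks beat this bound for human-chosen passwords."""
    size = alphabet_size(password)
    return len(password) * math.log2(size) if size else 0.0


def average_crack_seconds(bits: float, rate: float = ASSUMED_GUESSES_PER_SECOND) -> float:
    """Expected time to search half of the keyspace at the given guess rate."""
    return (2 ** bits) / 2 / rate


def generate_password(length: int = 20) -> str:
    """Random password from the OS CSPRNG with every character class present."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    pool = "".join(CLASSES)
    while True:
        candidate = "".join(secrets.choice(pool) for _ in range(length))
        if all(any(ch in c for ch in candidate) for c in CLASSES):
            return candidate


if __name__ == "__main__":
    # Constructed samples; only the length is printed, never the password.
    for sample in ("sunshine", "Sunshine2024", generate_password()):
        bits = brute_force_bits(sample)
        years = average_crack_seconds(bits) / (365 * 24 * 3600)
        print(f"{len(sample):>2} chars  {bits:6.1f} bits  ~{years:.3g} years at assumed rate")
```

The bit count is a ceiling: a password built from a common word falls to a dictionary or hybrid attack far sooner than the brute-force figure suggests, which is why the generated password is the only one of the three whose estimate can be taken at face value.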
Elements of A Solid Cyber Resilience Plan
Cyber resilience strategies and concepts will vary from company to company. What will remain the same, though, is the framework behind this strategy.
Looking at the most robust and best cyber resilience frameworks (as of this writing), some common elements stand out.
Identification
Protection is only possible when you know what you are protecting.
The buildings do not make a business. The members of staff, sensitive data, and trade secrets are what make the business. Identifying what datasets and databases are sensitive and should not fall into the wrong hands is, thus, the first step toward protecting your assets well.
Suggestions: run an internal audit around the core assets of the business. Enlist the help of a cybersecurity company to probe your systems for what is most sensitive as well.
Protection
Now that you know what to protect, it is time to start doing that.
The services critical to the company’s infrastructure are the first in line to get protected. It is also worthy of note that knowing what to protect without implementing the protection is a dead-on-arrival plan. Such failures have cost companies (like Sony) several millions of dollars in the past, and you don’t want to be in similar shoes.
Suggestions: install frontline security measures that absorb the impact of any attack first. Note that this is not to prevent the attack, but to minimize the effect when it does happen. Your network is a critical infrastructure that links to all other services, and downloading a VPN app or installing similar services will help keep you isolated from the outside. Firewalls, scanners, and antimalware are also great additions to the network.
Detection
Cyber resilience also involves the constant monitoring of your systems to ensure everything is still in place.
Most data breaches are not harmful when they first happen. Continued access to the systems by unauthorized individuals is what gives way to massive leaks.
If possible, come up with a checklist of everything to look at – and how to ensure they are working fine. Run these checks frequently, both on a planned schedule and at random.
Response
So, what if there happens to be a data breach?
Knowing alone is not the whole story. There should be a game plan on how to respond to such threats.
These protocols help to ensure calm and minimize panic. Everyone knows what they have to do, and they get that done. In no time, you would have contained the threat better than if you were trying to come up with a solution on the spot.
Recovery
The recovery plan should include plugging the holes, beefing up your security, and restoring any damaged/stolen files.
You should also learn from past mistakes to prepare better against future attacks. Everything in this step should be geared towards returning to normalcy without affecting the services you deliver to your clients in the process.