Today’s businesses face greater cyber risks and threats than ever before. One in six firms attacked in the past year have had their survival threatened as the spate of cyberattacks continues to increase, unabated. That shows how essential cyber resilience is for business continuity. And amid all these trends, we must ensure that our organizations remain designed for the future, that is, flexible, efficient and resilient against attacks, to preserve business operations.
Business continuity is a major driver of the future of business operations. According to SHRM COVID-19 research, 83% of employers have made business adjustments due to COVID-19. The problem, however, is that many companies still don't know what they should be prioritizing. Should we be focused on preventing cyberattacks or protecting our assets during a crisis? The stakes are high.
Thinking forward and backward
Cyber actors have capitalized on the haste with which business leaders adopt new technologies and work models in their organizations. For smooth business continuity, security leaders need to step back and examine the major decisions taken during or generally due to COVID-19.
Some of the security, safety and response solutions adopted were meant as temporary fixes but ended up as permanent fixtures; these need to be reexamined to ensure that there has been proper integration and cohesion across the organizational structure.
For one, due to the escalating incidents of ransomware attacks, businesses must operate from an ‘attacked’ standpoint. That is, assume that the organization has been attacked, and then plan forward and backward from that point. Once an attack has been detected, the forward action is to determine the extent of the attack, call on backups to keep the business operational and recover clean data.
Planning backward, on the other hand, means having solid and up-to-date backups in place already. The latter may be tricky because ransomware attacks have become more sophisticated, with malicious actors sometimes attacking backups directly.
Resilience for unforeseen events
Most cybersecurity technologies and approaches today focus on solving problems that we are already aware of, but these old problems keep taking new forms, and new issues that regularly defy our current knowledge and expectations keep emerging. True resilience is how strong your defenses are against unforeseen threats.
The current explosion of zero-day and evasive malware attacks tells the whole story here. Seventy-four percent of cyber threats detected in Q1 2021 were zero-day malware, an all-time high. In its 3rd quarter, 2021 is already set to be a record-breaking year for zero-day attacks, with projections showing three times as many attacks as last year.
To mitigate these attacks, organizations need a stronger, risk-averse culture that aims to secure the continuity of business operations even in the face of threats. The first step to arresting zero-day attacks is to solve the problem of lack of visibility.
Zero-day actors pride themselves on being evasive. However, technologies like Secure Access Service Edge (SASE), built on zero-trust and least privilege principles, are integrated solutions that ensure a comprehensive and consistent implementation of security policies.
Going forward, organizations must be ready to leave their previous siloed approaches to cybersecurity for a broadly encompassing strategy that promotes granular visibility. The continuity of the whole business, after all, rests on the functioning of its parts.
What does cyber resilience really mean?
Before the pandemic, the rate of new enterprise cyberattacks had actually been slowing; then, suddenly, attacks increased dramatically. Many businesses already have some cybersecurity plans integrated into their business continuity programs, but some is not enough.
Why must cyber resilience be integrated into business continuity? Resilience is different from ordinary planning and preparation because planning for an attack focuses on taking steps to either prevent the attack from happening or stop the attack when it happens. That’s not resilience. Cyber resilience focuses on ensuring that business operations do not entirely break down during and despite an attack.
The biggest tech giants are masters of cyber resilience. The average Google Chrome user does not know that the browser has experienced six zero-day attacks this year alone.
Besides the fact that it’s not the kind of information that makes typical daily news, one could conclude that none of the attacks have caused significant enough disruption to Chrome’s operations to warrant public outcry. Even many of Google’s efforts to resolve the attacks have taken place in the background. That’s the mark of a genuinely cyber resilient company. And that can only be possible when a company’s cybersecurity is among the primary concerns of top-level management and included in the organization’s continuity strategy.
A suggested practical arrangement is for organizations to have two cybersecurity teams: a response unit that focuses on mitigating (the reach of) attacks and a continuity unit that focuses on sustaining operations.
Not a few business leaders would admit that they have had to take a detour from their organization’s pre-pandemic trajectory to get ahead of the new challenges that have emerged. Business and security team leaders must lead the change in their organizations in creating broader resilience strategies by integrating risk management and business continuity plans for a more cohesive approach to mitigating business disruption.