By Srinivasan CR, Executive Vice President-Cloud and Cybersecurity Services & Chief Digital Officer, Tata Communications
In a hyperconnected world, cyberattacks are increasingly common. Just ransomware activity alone was up 50% year-on-year during the first half of 2023. Cybersecurity Ventures estimates that the annual cost of cybercrime will likely increase by 15% every year until it hits $10.5 trillion in 2025. If the cost of cybercrime was measured as a country, then it would be the world’s third-largest economy after the U.S. and China. It’s no surprise then that most Chief Information Security Officers (CISOs) accept their organisation will eventually be breached.
The potential impact of a cyberattack has also become more severe, spilling over from the digital realm into the physical. For instance, the US experienced a period of panic buying following a cyber attack that choked the Colonial Pipeline, the nation’s largest pipeline system for refined oil products. Gas prices spiked due to the sudden and widespread shortage and many forms of transportation ground to a halt, from flights to private vehicles.
With more critical infrastructure now housed in the digital realm, cyberattacks have the potential to seriously impede the lives of everyday people. For instance, if bad actors were to successfully attack a nation’s energy grid or public transport, the effects could be devastating to its population.
Cyber resilience: Fortifying the future
In an era defined by pervasive digital connectivity and ever-evolving threats, cyber resilience has become a crucial pillar of survival and success for modern-day enterprises. It represents an organisation’s capacity to not just withstand and recover from cyberattacks but also to adapt, learn, and thrive in the face of relentless and unpredictable digital challenges.
Note: Cybersecurity refers to an organization’s capacity to defend against and steer clear of the growing threat posed by cybercrimes. Cyber resilience, on the other hand, is the capacity to minimize harm (damage to systems, procedures, and reputation), recover, and continue operating post system or data compromise. Both adversarial threats (think hackers and other bad actors) and non-adversarial dangers (such as basic human mistakes) are included in cyber resilience.
As cyber attacks become more sophisticated and the attack surface continues to expand, traditional approaches to prevention are no longer sufficient. Many CISOs are shifting their focus toward more evasive and evolving attacks, such as ransomware and advanced persistent threats. These complex threats often go undetected by traditional cybersecurity tools, and even when detected, it is often too late to prevent damage.
This is why cyber resilience encompasses a comprehensive strategy that includes prevention, detection, response, and recovery, all guided by a proactive mindset that strives to anticipate threats and continuously evolves defences.
How to make your organisation more cyber resilient: Get crafting a holistic cyber resilience strategy
Due to the crippling effects a cyberattack can have on a nation, governments and regulatory bodies are also working to develop guidelines and standards which encourage organisations to embrace cyber resilience.
For instance, the European Parliament recently passed the European Cyber Resilience Act (CRA), a legal framework to describe the cybersecurity requirements for hardware and software products placed on the European market. It aims to ensure manufacturers take security seriously throughout a product’s lifecycle.
In other regions, such as India, where cybersecurity adoption is comparatively evolving, the onus falls on industry leaders to work with governmental bodies and other enterprises to encourage the development and adoption of similar obligations.
The National Institute of Standards and Technology (NIST) at the U.S. Department of Commerce, also has many recommendations for fostering cyber resilience in an organisation. The NIST Cybersecurity framework 2.0 presents six core functions – designed to organise cybersecurity outcomes at their highest level:
Govern: Ensure your organisation’s cybersecurity risk management strategy, expectations, and policy are established, communicated, and monitored. This includes understanding and assessing specific cybersecurity needs and implementing continuous oversight and checkpoints.
Identify: Account for and understand all current cybersecurity risks to your organisation. Find and document the main processes and assets that are essential for daily operations, all computers and software your organisation uses, what information is gathered and where it’s stored and possible threats and weaknesses.
Protect: Employ safeguards to manage your organization’s cybersecurity risks. This could incorporate a range of simple steps, from managing user access to resources and providing employees with cybersecurity training to the use of endpoint security products and data encryption.
Detect: Make sure possible cybersecurity attacks and compromises are found and analysed. Implement procedures for detecting indicators of a cybersecurity incident on both the network and in the physical environment. If an attack is detected, your organisation should work quickly to understand the impact and alert authorised staff and tools.
Respond: Take swift action following a cybersecurity incident. Once an incident is declared, execute your response plan, taking care to ensure that everyone knows their responsibilities. Analyse what has taken place, determine the root cause and prioritise the most pressing issues. While containing and eradicating an incident, safely collect relevant data to inform future response plans.
Recover: Ensure all assets and operations affected by a cybersecurity incident are restored. After an attack, clarify who, within and outside your organisation, has recovery responsibilities before beginning recovery efforts. Ensure all affected systems and services are operational, double checking all work before resuming regular operations. It’s crucial to communicate with internal and external stakeholders throughout this process, carefully accounting relevant information and learnings.
As with all digital transformation projects, it will take time to begin to put the various policy and technological conditions in place to start building up your organisation’s cyber resilience and building a cyber resilience culture from within.
However, it’s crucial you get a move on today – start having conversations with your IT team and look to partners with experience in fostering cyber resilience within organisations.
Because, in a hyperconnected world where digital disruptions can range from minor inconveniences to catastrophic breaches, cyber resilience is the strategic armour that ensures an organisation’s ability to not just survive but thrive in the digital landscape.
To learn more about why Tata Communications has been recognised as a leader in cyber resiliency services, click here. Also, read about how we deliver resilient network security at the edge.
About the Author
Srinivasan CR is the Chief Digital Officer for Tata Communications. In this role, Srini is responsible for the overall digital and security strategy and execution for Tata Communications – a global digital ecosystem enabler to large enterprises globally. A technologist and a business leader, Srini is also the Global business head for cloud and security businesses at Tata Communications enabling digital transformation initiatives for customers. Srini’s experience spans over 25 years in enabling business technology solutions. He has worked in large enterprises, co-founded a start-up, custom- created new platform based solutions and leveraged technology to help build sharper customer experiences and differentiated business models.
Source: www.cyberdefensemagazine.com