Pandemic-era ransomware attacks have highlighted the need for strong cybersecurity protections. Today, large organizations are going the extra mile by embracing a cyber resilience paradigm designed to bring agility to incident response while ensuring sustainable business operations, regardless of the event or impact.
Cyber resilience, as defined by the Ponemon Institute, is a company’s ability to maintain its core business in the face of cyberattacks. NIST defines cyber resilience as “the ability to anticipate, resist, recover and adapt to adverse conditions, stresses, attacks or compromises on systems that use or are enabled by cyber resources”.
The practice brings together formerly separate disciplines of information security, business continuity and disaster response (BC/DR) deployed to achieve common goals. Although traditional cybersecurity practices were designed to ward off cybercriminals and BC/DR focuses on recoverability, cyber resilience aligns the strategies, tactics, and planning of these traditionally siled disciplines. The goal: a more holistic approach than what is possible by addressing each individual.
At the same time, improving cyber resilience is forcing organizations to think differently about their approach to cybersecurity. Instead of focusing their efforts solely on protection, companies should assume that cyber events will be occur. Adopting practices and frameworks designed to support IT capabilities as well as system-wide business operations is essential.
“The traditional approach to cybersecurity was to have a good lock on the front door and locks on all the windows, with the idea that if my security controls were strong enough it would keep hackers out” says Simon Leech, HPE Deputy Director, Global Security Center of Excellence. Pandemic-era changes, including the shift to remote working and accelerated cloud usage, coupled with new and evolving threat vectors, mean that traditional approaches are no longer enough.
“Cyber resilience is being able to anticipate an unforeseen event, resist that event, and recover and adapt to what we have learned,” says Leech. “What cyber resilience really focuses us on is protecting critical services so that we can manage business risks in the most effective way. This is to ensure that there are regular testing exercises that ensure data backup will be useful at worst.
A roadmap for cyber resilience
With a risk-based approach to cyber resilience, organizations are evolving their practices and designing security to listen to the business. The first step is to perform a comprehensive risk assessment across the entire IT estate to understand where the risk exists and to identify and prioritize the most critical systems based on business intelligence. “The only way to ensure 100% security is to give business users the confidence that they can perform their activities safely and allow them to take risks, but do so in a secure way,” says Leech. .
Adopting a cybersecurity architecture that embraces modern constructs such as zero trust and incorporates agile concepts such as continuous improvement is another prerequisite. It is also necessary to formulate and institute proven incident response plans that detail the roles and responsibilities of all stakeholders, so that they are properly prepared to respond to a cyber incident.
Leech outlines several other recommended actions:
- Be a business partner. IT should fully understand business requirements and work collaboratively with key business stakeholders, not primarily serve as a cybersecurity lead. “Allow the company to take risks; don’t prevent them from being effective,” he advises.
- Remember that preparation is key. Cyber resilience teams should assess existing architecture documentation and assess the environment, either by scanning the environment for vulnerabilities, performing penetration tests, or running tabletop exercises. This verifies that the systems have the appropriate levels of protection to remain operational in the event of a cyber incident. As part of this exercise, organizations should prepare adequate response plans and apply the best practices required to get the business back online.
- Consolidate a data protection strategy. Different applications have different recovery time objective (RTO) and recovery point objective (RPO) requirements, both of which will impact backup and cyber resilience strategies. “It’s not a one-size-fits-all approach,” says Leech. “Organizations can’t just think about backup, but [also about] how to do recovery too. It’s about making sure you have the right strategy for the right application.
The HPE GreenLake Advantage
The HPE GreenLake edge-to-cloud platform is designed with zero-trust principles and scalable security as a cornerstone of its architecture. The platform leverages common security building blocks, from silicon to cloud, to continuously protect infrastructure, workloads, and data while adapting to increasingly complex threats.
HPE GreenLake for Data Protection offers a suite of services that reduce cybersecurity risks in distributed multicloud environments, helping to prevent ransomware attacks, provide disaster recovery, and protect data and virtual machine workloads ( VM) in on-premises and hybrid cloud environments. As part of the HPE GreenLake portfolio for data protection, HPE offers access to next-generation data protection-as-a-service cloud services, including Zerto-based disaster recovery service and HPE Backup and Recovery Service . This offering allows customers to easily manage hybrid cloud backup through a SaaS console while providing policy-based orchestration and automation capabilities.
To help organizations transition from traditional cybersecurity to more robust and holistic cyber resiliency practices, HPE’s cybersecurity consulting team offers a variety of advisory and professional services. Among them are access to workshops, roadmaps, and architectural design consulting services, all focused on promoting organizational resilience and implementing zero-trust security practices.
HPE GreenLake for Data Protection also eases the journey to cyber resiliency, as it removes upfront costs and risks of over-provisioning. “Because you pay as you go, HPE GreenLake for Data Protection will scale with the business and you don’t have to worry [about whether] you have enough backup capacity to handle an application that grows at an unforeseen rate,” says Leech.
For more information, Click here.