Pandemic-era ransomware attacks have highlighted the need for strong cybersecurity measures. Now, leading organizations are going further and embracing a cyber resiliency paradigm designed to bring agility to incident response while ensuring sustainable business operations, whatever the event or impact.
Cyber resilience, as defined by the Ponemon Institute, is the ability of a company to maintain its core business in the face of cyber attacks. NIST defines cyber resiliency as “the ability to anticipate, resist, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.”
The practice brings together the previously separate disciplines of information security and business continuity and disaster recovery (BC/DR), implemented to meet common goals. While traditional cybersecurity practices were designed to keep cybercriminals out and BC/DR focused on resilience, cyber resilience aligns the strategies, tactics, and planning of these traditionally siloed disciplines. The goal: a more holistic approach than is possible by approaching each one individually.
At the same time, improving cyber resilience challenges organizations to think differently about their approach to cybersecurity. Instead of focusing efforts solely on protection, companies must assume that cyber events will occur. Adopting practices and frameworks designed to support IT capabilities as well as system-wide business operations is essential.
“The traditional approach to cybersecurity was to have a good lock on the front door and locks on all the windows, with the idea that if my security controls were strong enough, they would keep hackers out,” says Simon Leech, deputy director of HPE’s Global Security Center of Excellence. The changes of the pandemic era, including the shift to remote work and accelerated use of the cloud, coupled with new and evolving threat vectors, mean that traditional approaches are no longer enough.
“Cyber resiliency is about being able to anticipate an unforeseen event, weather that event, bounce back and adapt to what we have learned,” says Leech. “What cyber resiliency really focuses us on is protecting critical services so that we can deal with business risks in the most effective way. It’s about making sure there are regular testing exercises to ensure that the data backup will be useful in the worst case.”
A cyber resilience roadmap
With a risk-based approach to cyber resilience, organizations develop practices and design security to be business-aware. The first step is to perform a holistic risk assessment across your IT estate to understand where risk exists and identify and prioritize the most critical systems based on business intelligence. “The only way to ensure 100% security is to give business users the confidence that they can conduct business safely and allow them to take risks, but do so safely,” explains Leech.
Another requirement is to adopt a cybersecurity architecture that embraces modern constructs like zero trust and incorporates agile concepts like continuous improvement. It is also necessary to formulate and institute proven incident response plans that detail the roles and responsibilities of all stakeholders so that they are adequately prepared to respond to a cyber incident.
Leech outlines several other recommended actions:
- Be a business partner. IT needs to fully understand business requirements and work together with key business stakeholders, not primarily serve as a cybersecurity enforcer. “Allow the company to take risks; don’t stop them from being efficient,” he advises.
- Remember that preparation is everything. Cyber resiliency teams must review existing architecture documentation and assess the environment, whether by scanning it for vulnerabilities, conducting penetration tests, or running simulation exercises. This verifies that systems have adequate levels of protection to remain operational in the event of a cyber incident. As part of this exercise, organizations must prepare appropriate response plans and enforce the best practices necessary to bring the business back online.
- Strengthen a data protection strategy. Different applications have different recovery time objective (RTO) and recovery point objective (RPO) requirements, both of which will impact backup and cyber resiliency strategies. “It’s not a one-size-fits-all approach,” says Leech. “Organizations cannot just think about backup, but [also about] how to do recovery too. It’s about making sure you have the right strategy for the right application.”
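The RTO/RPO point above is easiest to see as a check that can be run against an inventory. The following is an added example, not code from the article or from HPE: it assumes each application carries a per-application RPO and RTO, that each backup policy records its restore-point interval and the restore time measured in the most recent restore test, and that a restore test older than a configurable age is treated as stale. The application names, numbers and policies are constructed sample data.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

# Finding codes returned by the evaluator.
RPO_GAP = "RPO_GAP"            # restore points are taken less often than the RPO allows
RTO_GAP = "RTO_GAP"            # measured restore time exceeds the RTO
NEVER_TESTED = "NEVER_TESTED"  # restore has never been exercised, so the RTO is unverified
STALE_TEST = "STALE_TEST"      # last restore test is older than the allowed age
NO_POLICY = "NO_POLICY"        # application has requirements but no backup policy at all


@dataclass(frozen=True)
class AppRequirement:
    name: str
    rpo_minutes: int  # maximum tolerable data loss
    rto_minutes: int  # maximum tolerable downtime


@dataclass(frozen=True)
class BackupPolicy:
    app: str
    backup_interval_minutes: int          # how often a restore point is created
    measured_restore_minutes: int         # restore time observed in the last test (assumed recorded)
    last_restore_test_days_ago: Optional[int]  # None means the restore path was never tested


def evaluate(req: AppRequirement, policy: BackupPolicy, max_test_age_days: int = 90) -> List[str]:
    """Return the list of finding codes for one application's policy."""
    findings: List[str] = []
    # Worst-case data loss equals the gap between restore points, so that gap must fit inside the RPO.
    if policy.backup_interval_minutes > req.rpo_minutes:
        findings.append(RPO_GAP)
    # Only a measured restore time is evidence that the RTO can be met.
    if policy.measured_restore_minutes > req.rto_minutes:
        findings.append(RTO_GAP)
    if policy.last_restore_test_days_ago is None:
        findings.append(NEVER_TESTED)
    elif policy.last_restore_test_days_ago > max_test_age_days:
        findings.append(STALE_TEST)
    return findings


def assess(requirements: List[AppRequirement], policies: List[BackupPolicy],
           max_test_age_days: int = 90) -> Dict[str, List[str]]:
    """Evaluate every application; apps with requirements but no policy are flagged too."""
    by_app = {p.app: p for p in policies}
    results: Dict[str, List[str]] = {}
    for req in requirements:
        policy = by_app.get(req.name)
        results[req.name] = [NO_POLICY] if policy is None else evaluate(req, policy, max_test_age_days)
    return results


def report(results: Dict[str, List[str]]) -> List[str]:
    """Render one line per application for a human reader."""
    return [f"{app}: {'OK' if not codes else ', '.join(codes)}" for app, codes in sorted(results.items())]


# Constructed sample inventory (not real systems).
SAMPLE_REQUIREMENTS = [
    AppRequirement("erp", rpo_minutes=15, rto_minutes=60),
    AppRequirement("payroll", rpo_minutes=240, rto_minutes=480),
    AppRequirement("wiki", rpo_minutes=1440, rto_minutes=1440),
    AppRequirement("crm", rpo_minutes=30, rto_minutes=120),
]
SAMPLE_POLICIES = [
    BackupPolicy("erp", backup_interval_minutes=60, measured_restore_minutes=45, last_restore_test_days_ago=30),
    BackupPolicy("payroll", backup_interval_minutes=240, measured_restore_minutes=600, last_restore_test_days_ago=None),
    BackupPolicy("wiki", backup_interval_minutes=1440, measured_restore_minutes=120, last_restore_test_days_ago=200),
]

if __name__ == "__main__":
    for line in report(assess(SAMPLE_REQUIREMENTS, SAMPLE_POLICIES)):
        print(line)
```

The check deliberately compares the RTO against a measured restore time rather than a vendor estimate, which is the point of the regular restore exercises mentioned earlier: an untested or stale restore path is reported even when the numbers on paper look fine.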
The HPE GreenLake Advantage
The HPE GreenLake Edge-to-Cloud Platform is designed with principles of zero trust and scalable security as the cornerstone of its architecture. The platform leverages common security building blocks, from silicon to the cloud, to continuously protect infrastructure, workloads, and data while adapting to increasingly complex threats.
HPE GreenLake for Data Protection offers a family of services that reduce cybersecurity risks in distributed multicloud environments, helping prevent ransomware attacks, ensure outage recovery, and protect data workloads and virtual machines (VMs) in on-premises and hybrid cloud environments. As part of the HPE GreenLake portfolio for data protection, HPE offers next-generation data protection cloud services delivered as a service, including a Zerto-based disaster recovery service and HPE Backup and Recovery Service. This offering enables customers to easily manage hybrid cloud backup through a SaaS console along with policy-based automation and orchestration functionality.
To help organizations transition from traditional cybersecurity to stronger, more holistic cyber resiliency practices, the HPE Cybersecurity Consulting team offers a variety of advisory and professional services. These include access to workshops, roadmaps, and architectural design advisory services, all focused on promoting organizational resilience and adhering to zero-trust security practices.
HPE GreenLake for data protection also helps on the road to cyber resiliency by eliminating the upfront costs and risks of over-provisioning. “Because you are paying as you go, HPE GreenLake for data protection will scale with the business and you don’t have to worry [about whether] it has enough backup capacity to handle an application that is growing at a rate that was not anticipated,” says Leech.