Cyber resilience emerged as a response to the evolving need for information security. Organizations recognized that attacks were a question of when, not if, and adapted security strategy to include orchestrated response and recovery frameworks that could identify critical assets, protect key data, detect potential issues, respond to immediate threats and jump-start recovery to get businesses back on track.
As a result, enterprises went to work on building resilience “funnels” — strategies that aggregate and address issues along the traditional corporate IT stack, from local servers to third-party providers and hybrid cloud services. The advent of democratized technologies and delocalized work, however, has created a new attack avenue. Instead of funneling down into common cyber resilience capture points, many attackers take a sideways approach that targets remote users, lateral services or public connections.
To solve for emerging attack vectors, organizations need a new defensive design: the cyber resilience web. Not sure where to start? Let’s break down six critical components of this security string theory.
1. Start With Support
The first pillar of any cyber resilience framework is identification: locating key business applications and any associated risks. In the context of a cybersecurity web, this expands to include identifying key supports, specifically from the C-suite.
Why? Because effective webs need firm foundations to deliver consistent results over time. Broad security strategy that lacks boardroom budgets and boosters won’t hold for long. As a recent IDC white paper notes, the scope of support also matters. Along with C-suite champions, organizations need stakeholder buy-in from data owners, IT teams and frontl ..
Support the originator by clicking the read the rest link below.
