In this era of digital transformation, the nature of corporate asset value has changed significantly, shifting away from the physical and toward the virtual. The digital realm amplifies brand value; at the same time it makes IP more vulnerable. Understanding the value of their IP assets and ensuring they are adequately protected, will be essential for businesses rapidly expanding “digitization” of corporate assets, which will correspondingly increase corporate risk.
As we have seen in the headlines, cyber disasters cripple business operations and impact shareholder value. The last few years we have seen those affecting several world class organization across several verticals such as Travelex, Zoom, and ISS World, causing millions of dollars in losses and reputation.
Whether it is a targeted attack or collateral damage from a nation-state conflict, cyber risk directly correlates to business risk. In fact, according to SANS, cyber disasters now inflict more business damage than natural disasters and strike more frequently.
Enter Cyber Resilience
As many organizations learn and update their cybersecurity playbook, “Cyber Resilience” is the key word being discussed at the Board Level.
Cyber resilience is the ability of an organization to enable business acceleration (enterprise resiliency) by preparing for, responding to, and recovering from cyber threats. A cyber-resilient organization can adapt to known and unknown crises, threats, adversities, and challenges. The goal of cyber resiliency is to help an organization thrive in the face of adverse conditions (crisis, pandemic, financial volatility, etc.).
These are the common cyber resilience threats:
- Cybercrime: This involves stealing money or acquiring the means to steal money, as well as steal sensitive data to monetize.
- Cyber hacktivism: This is done by activists and hackers generally motivated by a belief or cause to achieve an outcome — for example, revenge.
- Cyber espionage: This is motivated to gain an economic advantage in diplomacy, trade, or warfare.
- Business continuity management: This involves human error or accidental consequences such as an operator’s fault.
In this sophisticated threat environment, traditional security tactics are failing. The old methods of adding another point product to the mix or waiting for IT to identify and propose technology solutions to the business side of the house is less effective than ever. Cyber resilience is about managing security with a multi-layered approach that encompasses people, processes, and technology.
Cyberattacks and data breaches are now putting organizations at risk. This is why data security has become the global goal of organizations securing DATA — one of their most valuable assets. It is crucial to an organization to detect, prevent, and recover from cybercrimes, which is why cyber resilience should be the best defense.
A comprehensive digital transformation that addresses cyber resiliency requires the integration of cybersecurity throughout the enterprise lifecycle – to protect the business, detect for changing risk surface, and evolve the capability to address with changing threats.
Zero trust is becoming the new normal
At the start of the COVID-19 pandemic, remote working became the de facto setting for most organizations practically overnight. This mass migration to remote working forced every business to consider how to operate security with a distributed workforce and without perimeter security, and is known as "Zero Trust." Zero Trust is a philosophy, a process that asks, never trusts, and always verifies, which when tied to Enterprise Security Lifecycle can help organizations achieve business goals
“Zero trust is a fundamental transformation of corporate security from a failed perimeter-centric approach to one that is data-centric.” – "The Zero Trust Security Playbook,” Forrester Research, Inc., July 2020.
In order to shift away from the large corporate perimeters, with layered-in or bolted-on compensating security controls, Zero Trust forces enterprises to evolve to a model made up of many micro perimeters at each identity domain. Zero Trust proposes the idea of protecting data from the inside out with an Intelligent Multi-layered Defense Strategy to “break the chain” using Intelligent solutions to help proactively detect and protect sensitive data stores, applications, systems, and networks themselves; thereby directly guarding assets that matter.
The three layers of protection:
Pillar 1: Protect: To successfully protect your enterprise, you must thoroughly understand your company’s security and risk posture. Begin by painstakingly identifying the organization’s business goals. Conduct an infrastructure and information assessment, for end points (remote, tele or on-premise), identity, infrastructure, network, and for risk and continuous revalidation, authentication, with appropriate risk posture decisioning (e.g. quarantine, segmentation, and enclaving). Establishing a baseline, rating information assets in terms of value to the business and prioritize what to protect.
Ask, where is the data located? Who is using it? What is its value? How is it currently protected? Is it vulnerable? If so, what makes it so? This exercise also encourages greater awareness among employees regarding what can happen when they put data at risk. It helps to align business and IT in terms of cyber risk and management, while spurring culture change in employee behavior.
Once you have a good handle on what's out there, where it lives, its level of sensitivity, how vulnerable it is, and your risk tolerance, you can begin to take the necessary steps to protect it. Protection is about developing and implementing safeguards for critical infrastructure and services in order to limit or contain the impact of an attack.
A good cyber resiliency strategy protects your systems, your applications, and your data. Tying it to strong Identity and Access Management program by controlling access according to users’ specific needs with a principal called Least Privilege, which tracks them wherever they go. Finally, look at the privacy of your data. Data privacy and protection should allow you to manage structured and unstructured data throughout its lifecycle, supporting your digital transformation initiatives with a framework that promotes cyber resilience. This data protection framework encompasses three Tenants; find and analyze, store and apply policy, and secure and encrypt, to ensure that you are protecting data in use, in transit, and at rest.
Pillar 2: Detect: The Detect pillar focuses on developing and implementing the appropriate activities to rapidly identify an attack, assess the systems that may be affected, and ensure a timely response. In addition, this stage focuses on real-time cyber visibility on real-time threats, through machine-added detection, automated hunting, and advanced situational awareness.
Automation with machine learning, and adaptive cyber-threat detection provides us the ability to respond to attacks faster before it spreads, resulting in reduced damage and cost addressing current and future threats to the business.
Pillar 3: Evolve: The major component of evolve in cyber resilience is the ability to adapt your security posture to stay ahead of threats. A cyber resilient organization will anticipate the new attack vectors through threat modeling, correlating data using mathematical models and machine learning techniques to make data-driven decisions, helping to defend before they become new vulnerabilities.
Critical to any resilient security strategy is recovery. The ability to rapidly restore digital platforms, adapt, and recover mission-critical systems to avoid business interruption is paramount. Organizations can do this by using the latest technologies in automation, machine learning, and adaptive cyber-threat detection to address current and future threats to the business.
No matter the outcome, organizations must be able to restore their people, processes, and systems as quickly as possible. They can do this by continuously self-assessing and measuring the state of cyber performance and continuous improving to support the business.
Create a cyber resilience organization
Think in terms of not eliminating cyber risk but of creating cyber resilience. To create cyber resilience, organizations must begin by changing the conversation about cyber risk. It is crucial to align IT and the business and encourage regular, productive discussions to identify the benefits and risks associated with a cyber resilient strategy. Embark on your cyber resiliency journey using our new Cyber Resilience Assessment Tool. The tool is designed to help you identify gaps in your cybersecurity posture so you can understand how to prioritize them for your business.
Start with Zero Trust
To begin your first steps to ZERO TRUST, download our complimentary white paper, Zero Trust: Rethinking Security. Next, listen to the replay of our recent IAM webinar, Zero Trust Security…The evolution of Trusted Identities. In this webinar we cover where Zero Trust is today and what we believe Zero Trust will become in the future.
Have technical questions about NetIQ Identity Manager? Visit the Identity Manager User Discussion Forum. Keep up with the latest Tips & Info about Identity Management. Do you have an Idea or Product Enhancement Request about Identity Management? Submit it in the Identity Manager Idea Exchange. We’d love to hear your thoughts on this blog. Comment below.