CYBER SECURITY OPERATIONAL RESILIENCE I
If you followed cyber security in the past ten years, you'd notice that even the most seemingly secure organisations get breached. In fact, hackers have always been attracted to (and been successful in hacking) bigger organisations whose advanced security defenses pose a good challenge. With the repeated success of hackers in breaching the most secure defenses, organisations have to devise a means to stay resilient.
Operational resilience is the ability of an organisation to prevent, adapt, respond to, recover, and/or learn from operational disruptions. According to Gartner, it's the ability to alter operations in the face of changing business conditions. Essentially, operational resilience a set of techniques that allows people, processes and technologies to adapt to changing patterns.
Cybersecurity operational resilience, in a nutshell, is the ability of an organisation's information systems to continue operations in the event of a cyber-attack (with minimum loss of time and resources). It considers the organisation's ability to operate during a cyber-attack, adapt and recover from such attack. Developing cybersecurity operational resilience capabilities involve beginning with the end in mind, and assuming that one's organisation may fall victim to a cyber-attack.
Organisations have begun to appreciate cybersecurity resilience because of two realizations:
- They will continuously be the target of cyber-attacks for several different reasons. Even smaller corporations that may not have political affiliations are also targeted by hackers.
- The tools and technology available to hackers are endless and may overpower the cybersecurity controls implemented by the organisation. Also, with the boom of the dark web market, it's becoming increasingly easier for a hacker to procure advanced tools that would breach defence solutions of even the most secure organisations.
Therefore, organisations must now plan for the (high) probability that they would succumb to one of these numerous attacks. Enter Cybersecurity Operational Resilience.
Why is Cyber Security Operational Resilience Important?
Cyber security operational resilience is important to organisations because it helps them:
Enhance enterprise security: As expected, when organisations plan to mitigate the effect of cyber-attacks, they inadvertently improve their enterprise security. This is because the organisation would procure additional technology, develop policies ad processes around cybersecurity resilience and train all relevant employees, etc. All these activities would make for a more secure organisation.
Reduce the risk of financial loss: Money has always been one of the foremost reasons for cyber-attacks. A mature cybersecurity operational resilience programme will ensure that an organisation's risk of being a victim to financial fraud is greatly reduced.
Reduce the risk of data loss: Another key motive for cyber-attacks is data theft. Bearing this in mind, an organisation can ensure that its cybersecurity resilience programme covers the management of data exfiltration-type attacks.
Protect reputation: Brand reputations make or mar companies. Organisations, therefore, do all they can to ensure that events that can damage their reputation are avoided. Successful cyber-attacks (leading to financial loss, data exfiltration, etc) are one of these events. An organisation that cares about its reputation would not have hesitations in investing in cybersecurity resilience.
Maintain customer base (and trust): This is a brainchild of brand reputation protection. AN organisation that can maintain a reputation of keeping customer information safe would fewer troubles maintaining and/or a customer base
Meet regulatory compliance: Some organisations are mandated to prepare for cyber attacks (depending on their industry). For example, deposit money banks (DMBs) and payment service providers (PSPs) in Nigeria have regulatory guidelines from the Central Bank of Nigeria (CBN) which outlines how their cybersecurity operational resilience programme must be run. These guidelines form a section of the CBN Risk-based Cyber Security Framework released in July 2018 (and discussed in detail here).
Click here to read about how organisations can attain cyber security operational resilience.