Why we should rename October 'Cyber Resilience Month'
By Sandeep Parande, Director, Security & Resilience Practice, Kyndryl ANZ
Thursday, 02 November, 2023
2023 should be the last year we officially observe Cybersecurity Awareness Month. Next year, we need to rename it Cyber Resilience Month. There, I’m calling it.
Don’t get me wrong, I love Cybersecurity Awareness Month. It draws attention to a hugely important issue for every citizen, organisation and business — ‘security’ is the fundamental need in our IT estates. But, as The Rolling Stones famously sang, you can’t always get what you want. With the ongoing proliferation of sophisticated attacks by bad actors, increasingly powered by AI, 100% cybersecurity is not something we can fully achieve.
Instead, we should focus on getting what we need — to be as cybersecure as possible AND to equip our organisations to respond to and recover from the cyber attacks that will inevitably come. That means investing time and resources not only to stop the bad guys in the first place but also to adapt to and recover from crises when they arise.
Business and operational models must flex to meet the evolving risks with hybrid work and multi-cloud environments, while cybersecurity processes and infrastructure must be modernised to support the realities of businesses today.
One major problem is that traditional security operations tend to implement a one-size-fits-all approach that works in isolation from the changing needs of an organisation and business landscape. Another is that organisations have become complacent with existing cybersecurity practices and investments, only to become susceptible to new and as-yet-unknown vulnerabilities.
Our mindset needs to change. As the old parenting motto goes: “Prepare the child for the road, not the road for the child.” As much as we want to make the world a safe place, it is not always safe, so we need to develop resilience.
Here are four simple ways to start.
1. Plan, assess and prioritise
Understand your organisation’s risk appetite and tolerance. Conduct a deep-dive analysis of existing applications and infrastructure against business requirements. Identify legacy systems and technologies that are becoming sources of inefficiency and barriers to scalability. Prioritise and agree on an action plan that will have the biggest impact on operations and financial performance, both short and long term.
2. Foster a DevSecOps culture
To optimise both security and resilience, processes must be both efficient and effective. Creating a DevSecOps culture is foundational to this shift in mindset, as it integrates security throughout an organisation’s IT lifecycle rather than leaving it to work in a silo. This concept is also people-focused, creating shared responsibility between developers, operations and security teams, and it must get buy-in from the leadership team. As workloads move to the cloud to reduce reliance on legacy systems, organisations fostering DevSecOps will be best placed to build security by design into their operations, securing and streamlining them at the same time.
3. Emerge stronger with incident recovery
Cyber resilience is characterised by the ability to minimise disruptions to critical business processes with a methodical and collaborative recovery system. Organisations today need to assess incident response readiness and build an incident recovery plan aligned with business needs. This will help mitigate the impact of an outage and provide fast, reliable and scalable recovery across hybrid multi-cloud environments.
4. Employees as the critical link
Finally, if there’s one thing to remember, it’s that cyber resilience is really all about people, not machines. Cybersecurity education and training for employees must be prioritised. Business leaders need to create an environment where employees understand that creating a cyber-resilient and transparent culture is a shared responsibility. That includes continuous monitoring to complement every employee’s vigilance for unusual activity.
Adopting this proactive and continuous security and resilience mindset ensures that organisations not only respond to a challenge or threat but can quickly adapt and reduce the impact on their customers, stock prices and systems in the short, medium and long term.