Cyber resilience in an era of uncertainty

Gene Yoo, CEO of Resecurity, Inc. Blog

Over the past year, we’ve seen businesses tap into resiliency to meet customer needs, take their workforce virtual and transform their operations because of the COVID-19 pandemic. Now, as the Delta variant sweeps across the globe, it will be this resiliency that organizations can use to overcome emerging challenges – particularly in cybersecurity.

Today, cyber espionage groups and cybercriminals are conducting malicious cyber activity while businesses and government organizations are impacted by the global crisis— leading to a lack of resources, disorganization and lower attention to cybersecurity management. If it were measured as a country, cyber crime would be predicted to inflict damages totalling $6 trillion USD globally in 2021 alone, making it the world’s third-largest economy after the U.S. and China.

Despite this resiliency and increased cybersecurity investment during 2020, nearly 80% of senior IT and security leaders feel they do not have sufficient protection from cyberattacks, according to IDG Research Services. Only 57% of these organizations reported conducting a data risk assessment in 2020. This is particularly concerning as cyber criminals are leveraging new methods to target vulnerabilities and attack vectors including zero-day exploits that may take months to detect and often leave huge windows of exposure.

The lack of risk assessment may be due to limited financial or staff resources, but it may also suggest security leaders fear what they don’t know when it comes to their data and security landscape. This unknown leads to uncertainty and a lack of ability to make strategic and weighted decisions. Intelligence as a domain has been created for decision-making, and if it doesn’t let us make decisions, it is an obvious waste of time and resources. Leveraging actionable intelligence, leaders have the data to answer “when”, “who”, “why” and “how” questions to improve security controls and make a pivot to a more optimized strategy to defend their infrastructure.

This leaves an immense opportunity for security leaders to build their cyber resiliency by using actionable cyber threat intelligence. To quickly adapt, organizations must first understand where their risk landscape is today, have the ability to monitor and identify incidents rapidly, and finally, have a plan in place to respond when incidents do happen. While seemingly basic, the research tells us the need still exists for this type of cyber resilient strategy. These attributes will allow security leaders to build a long-term security strategy that will boost their ‘pandemic immunity’ in the future.

Understanding and Managing Your Risk Landscape

Given the increase of remote work, cloud adoption and use of third-party vendors, security leaders have more risk than ever to identify. This is where conducting a data risk assessment is critical. While limited resources may be a barrier to these assessments, risk detection and management platforms are one solution for organizations to quickly identify risks within their security ecosystem and threats that lie outside of it. Identifying risks like network, identity, technology and geographical risks provide a look from the inside out for teams to build a security strategy around.

Increasing Visibility into Your Organization

To successfully monitor and respond to threats in today’s hybrid world, it is essential organizations go beyond just protecting endpoints. Taking an Extended Detection and Response (XDR) approach, security teams can have a holistic view and control across endpoints, networks, servers, applications and the cloud.  Combined with a strong understanding of the risk landscape, security teams can successfully monitor and manage security risks and incidents.

Using Actionable, Big Data to Your Advantage

While organizations conduct many of these steps, they use the massive amounts of data that comes with it to their security team’s advantage. Today, the industry requires solutions to analyze the data and produce actionable cyber threat insights that allow security teams to do more with less by categorizing attacks into low, medium, and high categories. The hunt for data has already started and will be a never-ending challenge– both for defenders and attackers.

Streamlining Solutions

A priority for many business leaders is consolidating tools and solutions to not only simplify and save costs but reduce some of the risks that come with third-party vendors. It is critical to decrease fragmentation and exclude overlapping solutions. By tapping into full-service platforms that do more with the data teams are already collecting, security teams can streamline efforts and contextualize findings to be more effective in today’s world.

Ecosystem Protection

It is important to treat your enterprise as a dynamic ecosystem. It is not limited just to endpoints but consists of a constantly growing volume of data and the complexity of modern telecommunication technologies. Furthermore, these technologies leverage hybrid clouds, micro-services, containers, virtualized environments and principally new technologies and standards, including 5G, to deliver information in the electromagnetic spectrum.

Cyber Sovereignty and Supply Chain

Countries and business leaders should develop their own cyber capabilities to get rid of “dependency” that often leads to significant risks. Partially, the root cause of this issue is in education (“brains potential”) leading to domination of a certain technology or a product. This aspect may lead to significant supply chain security risks— organizationally, financially and technologically. Adding more transparency into the actual risk associated with the supply chain will be one of the most important questions to resolve for the industry.

These elements will be essential for security leaders to develop cyber resilient strategies that can adapt and evolve over time. While security strategies will never be immune to cyberattacks, we can certainly help prevent them with strong cyber hygiene, solutions and practices in place.

The mission of modern security leaders should be focused on protecting what matters and delivering good to our society both on and offline in order to decrease tensions in cyberspace. By establishing collaboration between the key stakeholders across the globe in various sectors, we will be able to achieve stability in the economy, trade and technology progress and help deliver cyber peace.

Follow the debate on cybersecurity at the ITU Digital World 2021 session on Securing cyberspace and protecting privacy: meeting the challenges of a digital world on 30 November 2021

About the Author

Gene Yoo, CEO of Resecurity, Inc.

Gene Yoo has over 30 years of experience in cybersecurity and risk management for some of the world largest brand names such as Warner Bros., Sony, Computer Science Corporation, Coca-Cola Enterprise, Cyberpoint, Capgemini, and Symantec. Most recently, he served as Senior Vice President and Head of Information Security for City National Bank. He also served in an advisory role to Phantom (acquired by Splunk), Protectwise (acquired by Verizon), Elastica (acquired by Blue Coat) and Vorstack (acquired by ServiceNow).

Share this