Coronavirus (COVID-19) has triggered a rapid change in how organisations use technology; both to support remote working and to meet the needs of a customer base that has very different working and living arrangements. As businesses adapt their operating models through digital innovation and the potential adoption of less established technologies, the likelihood and impact of cyber attacks increases. Strengthening your cyber resilience is therefore key to protecting everyday operations.
Accelerated changes already being observed include:
- Educational institutions using online platforms to provide engaging and interactive home-based learning;
- The entertainment industry finding new digital channels to share films, plays and music; and
- The use of augmented reality solutions to allow retail customers to visualise products from their homes.
During the pandemic, our cyber threat intelligence team has also seen a rise in the number of public high-profile cyber security incidents, the majority being ransomware attacks in which exfiltrated data was leaked. There are also instances of data being encrypted, with payment demanded to decrypt the information and restore access. This double threat of leakage and encryption poses a challenging dilemma for firms as they consider the financial, operational and moral implications of whether or not to pay.
Understanding your exposure
As organisations make these technological changes, it is essential they also evaluate their cyber resilience as part of a broader operational resilience strategy. Doing so will help them prepare for, respond to and recover from operational disruptions caused by a cyber attack.
To help you prepare for, respond to and recover from an attack, I’ve laid out eight key areas for consideration:
1. Understand critical business processes and information assets
Understand which processes and information assets, if impacted by a cyber attack, will have the biggest impact on your business from a customer, operational, regulatory and financial perspective. Having this knowledge, along with understanding your tolerance for operational risk, means you can assess whether there is sufficient investment to protect the confidentiality, integrity and availability of those assets. This knowledge can also support the prioritisation of activity when responding to and recovering from a cyber attack.
2. Consider your broader ecosystem
Don’t just focus on the resilience of your organisation in isolation, but also the network of third parties that enable you to operate effectively. How do you work together to adapt and change to rapidly evolving cyber risks?
3. Assess and mitigate cyber risks
Understand risk by creating realistic threat scenarios that draw on past events, near misses and industry views. Assess the impact of each scenario on your ecosystem and capture mitigating activities, while also defining the risk appetite of the organisation. This risk-based view helps to determine whether the right capabilities are in place to protect against, respond to and recover from each scenario.
4. Factor cyber resilience into product and service designs
Protect your organisation from cyber attacks by building security into the design of technological changes. This could include using multiple layers of protection (defence in depth), zero trust assumptions and fail-safe modes. The adoption of cloud-based solutions may also be considered to help bolster cyber resilience.
5. Build and maintain effective monitoring, detection and protection controls
Use an advanced defence and detection capability to look for, find and address abnormal activity across your IT estate.
6. Design and rehearse robust frameworks, plans and playbooks to respond to and recover from a cyber attack
While organisations will by now have tested, and be improving, their plans for responding to and recovering from a pandemic, it is key that these are also revisited and rehearsed against cyber security scenarios, so that the organisation can return to business-as-usual operations as quickly as possible.
7. Build cross-industry support
Proactively building relationships with similar organisations through government and industry bodies will help build cyber resilience at a sector level as well as within your organisation.
8. Build cyber security awareness and foster a security culture
Use a range of communication channels to improve cyber security awareness among employees and third parties. This should explain their role in helping to keep themselves and the organisation secure.
While organisations are taking bold actions to sustain their businesses during this highly disruptive period, it is important that this is done in a cyber resilient way to help protect their future success. For more information, please get in touch.