The year 2020 saw an enormous increase in cyber-attacks. As a result, businesses are investing heavily in cybersecurity and cyber resilience. Some commentators see cybersecurity and cyber security resilience as one and the same. They are different and require unique types of investment.
What Is the Difference between Cybersecurity and Cyber Resilience?
Cybersecurity is protection against cybercrime. Resilience is an organization’s ability to bounce back and carry on even if their systems have been compromised. Resilience is needed when hackers and malicious individuals penetrate an organization’s network and when information is inadvertently breached by human error.
Cybersecurity can be compared to a wall and moat around an ancient city. The hope is that the wall in the moat would keep attackers out. Resilience could be compared to the army on the other side of the wall that responds in the event of a breach.
Cyber security resilience stems from the principle that no cybersecurity system is impenetrable. No matter how well-designed a cybersecurity system is, there is a way of getting around it. Hackers and malicious people are smart, and they are on the cutting edge of technology. This means that they will find a way into the most protected systems. Resilience is a strategy that minimizes the impact of the breach.
Cybersecurity and Resilience in a Practical Sense
What does this mean in a practical sense? Well, cybersecurity means making sure that your devices are running the latest firmware and that all of their systems are up-to-date. It means that you are using VPNs, antivirus protection, and malware protection and that firewalls that are up-to-date. All of your tools should be fixed and have the latest patches. Employees should know about potential threats and should be trained on how to protect the organization.
Resilience depends on what an organization does. In most cases, it starts with identifying weak spots where a breach could happen and identifying the most sensitive parts of an organization. From there, it involves creating a diagram that outlines the technology your organization is reliant on and the technology used to store sensitive data. Some organizations create a digital simulated model of the organization’s process to get a clear picture to see if what they are doing is impacting efficiency.
Once you understand how your organization could be affected in the event of a breach and once you have identified potential weak spots, resiliency means creating processes to mitigate the damage as quickly as possible if there is a breach. You can think about a kingdom strategically placing soldiers to quickly respond if weaker parts of the city walls are breached.
Your organization might create off-line emergency processes that keep core functions of the business running until the breach can be repaired. You may wish to create a chart that outlines the steps that should be followed if there is a security breach and clearly outline who carries out what steps after a breach.
It is essential to layout who will communicate information to whom to make sure that they miss no steps. This is especially important when considering reporting breaches to regulators. This plan of attack should include steps to assess the impact of the breach and steps to get operations back to normal quickly.
Even the best cybersecurity plan will eventually be breached. Cyber resiliency means being prepared for when those breaches happen so that their impact can be minimized.
