What is cyber resilience?
Cyber resilience is the ability to prevent, withstand, adapt to, and recover from various types of cyber-attacks on the data of an individual or an organization.
In today’s digital landscape, organizations shoulder the responsibility of safeguarding sensitive information, including credit card details, social security numbers, passport numbers, and financial data. As custodians of such confidential records, these entities are held accountable by their shareholders and stakeholders for maintaining the utmost security. However, the landscape of cyber threats is constantly evolving, with attackers employing increasingly sophisticated techniques. Consequently, even the most robust defenses of reputable organizations have been breached, leading to detrimental consequences.
The occurrence of such incidents not only jeopardizes the safety of valuable data but also tarnishes the public perception of these organizations, causing significant setbacks. To ensure continued progress, it is crucial for organizations to learn from these incidents, fortify their systems, and swiftly recover from any damage caused.
Recognizing the ever-present risk of cyber-attacks, organizations must prioritize cyber resilience. This entails adopting a proactive approach to bolstering security measures, promptly detecting potential threats, and effectively responding to and recovering from any breaches. By embracing cyber resilience, organizations can enhance their ability to withstand and mitigate the impact of cyber incidents, reinforcing trust with stakeholders and preserving their reputation.
Understanding cyber threats and risks
Cyber threats pose not only financial but also reputational risks. There are precedents of organizations, Cognizant in the recent past among them, suffering enormous financial and reputational loss because of a ransomware attack. It’s critical to understand the various cyber threats and the risks they pose. Over time, cyber threats have evolved and become more dangerous, and there are several different types.
Malware
Malware is a broad term for various types of malicious software that can infect a system, such as Trojans, spyware, ransomware, and worms. Malware can breach computer systems in various ways, and people let it into their systems every day. It can pose as an innocuous email attachment, link, or document, or it can get into the system through a download from a website. When you perform an action on one of these items, the malware is activated in your system.
Ransomware
The purpose behind ransomware is to lock you out of your system, making it inaccessible to you, and to demand a hefty ransom, usually in money or bitcoin, from the owner of the system. Because the system contains confidential data, this puts huge pressure on the owner. Sometimes, the hacker behind the ransomware threatens to wipe out the data if the ransom is not paid by a certain deadline.
Phishing
Phishing is a technique used to trick individuals into revealing confidential details such as credit card details, bank account passwords and credentials, social security numbers, and other important details. Tricksters send emails or links to websites that appear genuine to the victims. For example, the tricksters may send an email from an email ID that looks like a genuine bank email ID and asks the person to log in. The unsuspecting person logs in and the login credentials are captured immediately. While there are subtle differences that set these messages apart and precautions that can be taken, many people and even organizations fall into the trap regularly.
Distributed Denial of Service (DDoS) Attacks
This type of cyber threat occurs when a system activates one or more bots to drive unusually high traffic to a website, so much so that the website’s server crashes. Think of the consequences, especially if it’s a reputed website or eCommerce website. Denial of genuine traffic means a huge loss of revenue for the website.
Building up cyber resilience
Cyber resilience is a multi-pronged ongoing program because cyber threats always lurk, looking for weak points. We can break up a cyber resilience program into the following parts:
Individual level
On an individual level, it’s about awareness and being mindful of actions being performed on the internet or offline. Given that threats are varied and evolving, it pays to be vigilant. One needs to educate oneself about the various threat types and their preventive measures. Individual computer systems need to have a comprehensive and robust anti-virus system that keeps a 24/7 vigil and blocks suspected malicious sites. The individual needs to be aware of phishing attempts and should not click on such emails or their attachments, or download any attachment from unsecured sites. These measures do not guarantee foolproof security, so one also needs to have a robust recovery system in place.
Organizational level
Organizations must first build up a robust and organized system of cyber resilience that rests on the following pillars:
Prevention
Organizations can employ the following measures:
- Virtual private networks: Virtual private networks can prevent unauthorized access to an organization’s systems and data. Globally reputed organizations tend to have virtual private networks that encompass all the data and the systems, and make it mandatory for employees to perform all work within them.
- Strong authentication systems: Organizations should set up strong password policies and password expiry dates that are mandatory for all employees. It really helps to set up a multi-factor authentication (MFA) system to ensure double security.
- Regular software updates and patches: Periodic patches are released for operating systems and all other software, and they should be applied.
Employee education
Global and reputed organizations tend to conduct regular, mandatory security training for their employees on various security measures and the responsibilities of the employees to maintain the confidentiality of the data.
Recovery readiness
Business continuity is critical to the survival and growth of organizations. So, they need to put in place a disaster and data recovery system that enables them to salvage the situation in case there is a cyber-attack on the system. They need to put in place data backup systems and practices that ensure the integrity of the data they are processing. Cloud systems may be safe, but they should be balanced with on-premises systems.
Conclusion
The threat of cyber-attacks is real and there have been far too many attacks to not take it seriously. Snatch, a hacker group claiming to have links with Russia, stole 500 GB of data from a McDonald’s server and posted an undisclosed ransom amount on the dark web. There have been many such attacks, even on the most fortified systems. Cyber-attacks have been getting increasingly sophisticated and even institutionalized. It is imperative that, as the threat of cyber-attacks grows, cyber resilience becomes stronger and more robust.