Posted on Wednesday, January 3rd, 2018 in Cyber

Perfect security has been an ultimate goal for companies for years. However today, risk is no longer viewed as being perfect or binary. It is a continuum. In 2018 enterprises will focus on getting their resilience as high as possible or reducing their risk by taking down the highest-risk activities [1]. Either way, one must be aware that no enterprise will be perfect. Compromises have to be made and the central question is not whether a company has perfect security, but how quickly and correctly do you respond when you do get hacked?

This is where (cyber) resilience comes in. Resilience is defined as “an ability to recover from or adjust easily to misfortune or change.” In concrete terms for companies, this requires planning and preparing for cyber-attacks and other threats, as they will happen. Enterprises should continuously evaluate and improve their risk exposure. Key to achieving this, is being a fast learning organization.

The reason that in 2018 cyber security should be translated into cyber resilience, is that the treats do not only include hackers. Threats may have various natures and should be all prepared for. Threats may include [1]:

  • Hackers— cyber threats come in all sizes and can affect any part of the organization;
  • Natural disasters— regular as well as extreme national disasters can take the enterprise, or part of it, offline for hours or even days;
  • Human error— people make mistakes and can accidentally or intentionally trigger unexpected situations;
  • Mergers and acquisitions— fuelled by low interest rates and available capital, mergers and acquisitions mean that two teams, networks and identity systems merge and become one, presenting potential instability and an opportunity for something unplanned to happen.

These threats have in common that they may challenge the organization’s ability to operate productively and effectively. Continuous improvement of resilience to these threats by planning will be more crucial then ever before in the fast changing wold we live in nowadays. SIM-CI is developing a tool that will be very useful in planning to increase cyber resilience by providing simulations on demand, to map possible risks and indicate areas of improvement to become more resilience. Businesses should not wait until they become at risk, by solely focusing on cyber security, but should transform into a healthy enterprise in which resilience is a central aspect that garners the attention it deserves.

Click here to watch a short video on this topic:

Source:

[1] https://blogs.dxc.technology/2017/12/04/2018-cyber-resilience/

If interested, read on:

 

Header photo by Kevin on Unsplash