11 Oct 2022
by Sameer Shaikh

The key to cyber resilience (Guest blog by Galaxkey)

Guest blog by Sameer Shaikh, Head – IT Governance and Industry Relations at Galaxkey Ltd #Cyber2022

The dictionary definition of “Resilience” is “capacity to recover quickly from difficulties”. But what about a word for “capacity to recover when one is faced with wave after wave of difficulties, day after day”? I couldn’t find one. Someone suggested “resign to fate”.

I wanted to find this elusive word so I could describe the current state of cyber security – getting trickier year after year, and now compounded by recent geopolitical happenings and the economic downturn, which has adversely affected organisational cyber investments.

August’s cyber security newsletter from UK-DCMS shared startling findings from the Cyber Security Breaches Survey:

  • 4 in 10 businesses and 3 in 10 charities reported a cyber security breach or attack last year
  • Of those who were breached, 34% had a negative outcome

And, the IBM Cost of a Data Breach Report 2022 reported:

  • 83% of organizations studied experienced more than one data breach; of these, 83% stated this was not their first data breach

Over my two decades in this domain, I have seen the challenge evolve frequently. So, I welcome the discussion about cyber “resilience” – now, it’s not just about preventing a cyber incident, it’s also how quickly one can recover to a stable state with the least damage. Here, I share my two cents for organisations to augment their cyber resiliency strategies.

The cyber problem is too complex to have a silver-bullet solution. We need to infuse new elements into the tried-and-tested fundamentals of the Tech–Process–People triad.

Robust technology

With data-centric attacks, including breaches and ransomware, rising continuously, data protection remains a key pillar for cyber strategies. This centres around safeguarding sensitive data even if it falls into the wrong hands. Did I hear “encryption”?

The benefits are obvious:

  • Encrypted data carries no risk of exposure.
  • Since encrypted data is no use to attackers, their “attack incentive” reduces - making repeat attacks less likely.
  • Most privacy regulations exclude the need to inform data subjects about a breach if the data is encrypted, saving you regulatory fines and reputation losses.
  • Ransomware attackers have changed their paradigm from “locking data to demand money” to “exposing locked data to demand money”. If you experience a ransomware attack and your data is encrypted, it cannot be misused by an attacker for ransom.

If you haven’t adopted it yet, data encryption should be a baseline technology that all organisations must adopt.

A comprehensive suite, such as that provided by Galaxkey, covering the information sharing needs of an organisation and built on a strong NCSC-certified encryption platform not only addresses the security requirements, but also reduces architectural complexity and introduces substantial cost benefit.

Functional controls

Technology alone cannot solve this challenge. It needs new functional/process controls. While DR and BCP have long been a key part of resilience, we need to introduce new elements into this equation.

Add one thing to your arsenal – Cyber Insurance.

Most corporate insurers cover incident triage to recovery to lost business, including legal costs. A well-thought-out cyber insurance strategy can add huge value to your organisational resilience program.

People

All the above will fail without people. Anyone who has lived through a cyber incident knows the importance of a shoulder to lean on during these stressful times. With this in mind, our organisation runs two major programmes to help with this:

  • LEAP (Leadership Engagement and Advisory Program) – This forum brings together our customers, sales partners and thought leaders. With members from multiple geographies and industry verticals, LEAP is a useful ecosystem for sharing insights on corporate cyber security strategies and individual knowledge.
  • Educational CSR – As a responsible company, our role doesn’t end at building the best technology; we also invest heavily in our Education CSR program. Along with extending discounted pricing for schools, we also conduct awareness sessions for students on safe cyber habits and career guidance.

In summary, from our learnings at GalaxKEY, some keys to cyber resilience:

  • Robust data protection technology (with encryption at the core)
  • Cyber insurance
  • Comprehensive people engagement program

The journey from “cyber security” to “cyber resilience” has just started and we are all learning.


Authors

Sameer Shaikh

Head – IT Governance and Industry Relations, Galaxkey Ltd

Sameer heads up InfoSec, IT governance and industry relations with Galaxkey. He has over 20 years of domain experience, with his previous roles including group head of InfoSec at Emirates Airline and Air Arabia. He has an MBA in IT, and holds certifications such as CISSP, CISA, CGEIT and ISO 27001 LA. He has been contributing as a panellist and speaker at various cyber forums, and as an advisor to start-ups and companies. Cyber resilience and the people aspect of InfoSec are his latest muse; he is working with educational institutions and organisations to build an ecosystem of diverse InfoSec players to join forces and devise cyber resilience programs that can be offered pro bono to benefit organisations.