Cybersecurity

Steps cyber-resilient businesses must take now

People working at an office with their own computers. Organizations can count on cyber hygiene steps that, if performed regularly, will help in becoming a cyber resilient organization.

Organizations can count on cyber hygiene steps that, if performed regularly, will help in becoming a cyber resilient organization. Image: Unsplash / @sigmund

Vikram Rao
  • Organizations traditionally rely on self-assessments to measure their response capabilities to cyberattacks.
  • Cyber-resilient organizations should count on other steps that proactively protect assets.
  • Only resilience programmes that consider 'cyber hygiene' can keep up when risks arise.

Cybersecurity threats have always been part of the digital landscape. Organizations of every size and industry and entire nation-states have faced attacks that include infected devices, stolen information, and disrupted systems. But what happens when private organizations are charged with protecting critical infrastructures and with securing the data that runs our most essential resources?

As US President Joe Biden noted in March, the current administration “will continue to use every tool to deter, disrupt, and respond to cyberattacks against critical infrastructure. But the federal government can’t defend against this threat alone. Most of America’s critical infrastructure is owned and operated by the private sector, and critical infrastructure owners and operators must accelerate efforts to lock their digital doors.”

Across the globe, there is an urgent need for both public and private organizations to do more than react, making cyber resilience imperative, regardless of what type of data or resources we are trying to protect. Doing more, in the case of a successful public-private partnership for cybersecurity, starts with collaboration and knowledge sharing.

Traditionally, corporate and government organizations have guarded security intelligence. But this mindset is changing, as evidenced by the Cybersecurity and Infrastructure Security Agency’s (CISA) August 2021 launch of the Joint Cyber Defense Collaborative. Addressing cybersecurity as a shared responsibility can make everyone more aware of emerging threats and help to collectively drive the roadmaps of key security vendors to develop technology to protect, detect, respond to, and recover from potential attacks.

Loading...

Along with a new mindset of collaboration, industry standards for business continuity and disaster recovery need to adapt to the times. Existing methodologies to determine an organization's level of resilience, including checklists, maturity models, and self-assessments, are unreliable indicators of recoverability.

Have you read?

Instead, resilience programs with agile capabilities have the muscle memory to maintain availability when risks arise. Resilience programs consider 'cyber hygiene,' the practice of regularly performing actions to maintain assets secure, as essential. These organizations consider the ecosystem and know which levers to pull in response. These are additional steps that cyber resilient businesses must take now:

Being proactive about cyber hygiene

Organizations should engage cyber hygiene in advance, not in response. One of the best ways to see a return on security investments is by focusing on core fundamentals such as asset, vulnerability, patch, and privilege management.

Actions leaders can take to secure their cybersecurity ecosystem.
Actions leaders can take to secure their cybersecurity ecosystem. Image: Global Cybersecurity Outlook 2022

Ensuring your organization is building monitoring capabilities that rely on risk indicators to anticipate outages (using tooling), focusing resilience efforts on risk modelling and using AI Ops (Artificial Intelligence for IT Operations) to correlate events and detect anomalies can help you keep a proactive position on cybersecurity.

Doing response and recovery testing

Many incident response plans (IRPs) are based on static compliance and audit activity that won’t accurately reflect a real cyberattack nor effectively respond to one. Designing an IRP and executing recovery testing are often neglected due to a strain on cost, time, and resources; however, their importance cannot be overstated.

Salesforce has identified ten steps companies should take to create their own effective IRP. The Board and executives should have confidence in the recovery – that things will work on a bad day when they have a demonstrated capability proven through complex testing.

Counting on a reliable source of truth

Resilience programs must have a reliable source of truth that all business units align with. Access to centralized and automated data for managing and responding to disruptions, and confidence in this data, can inform and shape decision-making.

Discover

How is the Forum tackling global cybersecurity challenges?

Knowing what you have, how updated it is, who has access, what kind, and what they’re doing with those resources forms the foundation of any mature enterprise security program and allows for much faster execution of transformative security programs such as Zero Trust.

Backing up critical data

Data volumes have grown, and IT systems have turned more complex, making it essential that we evolve data recovery methods to match. The traditional approach of manually backing up on-premise servers to off-site storage simply doesn’t suffice.

A new approach to enterprise digital resilience might include cyber vaults for critical system configuration and backup, immutable backups that provide the ability to restore a snapshot in time, and rapid virtualization of client/endpoint to quickly ramp up device access. In contrast, corporate devices are being forensically studied, remediated, and reloaded.

Getting ready for the long haul

Across industries, we have seen just how volatile business can be. Organizations that experience significant downtime or data loss lose customers to competitors, making digital resilience an increasingly competitive advantage.

Cyberattacks leaders are most concerned about.
Cyberattacks leaders are most concerned about. Image: Global Cybersecurity Outlook 2022

Ultimately, resilience is a journey with no finish line. For every significant company, resilience needs to be measured, implemented, governed and adhered to in a standardized fashion that leverages automation across an entire ecosystem. By adopting cyber hygiene practices and resilient attributes, companies can significantly reduce risk and build the operational muscle to recover from cybersecurity incidents.

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Stay up to date:

Cybersecurity

Share:
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

5 ways to achieve effective cyber resilience

Filipe Beato and Jamie Saunders

November 21, 2024

We asked 6 tech strategy leaders how they're promoting security and reliability. Here's what they said

About us

Engage with us

  • Sign in
  • Partner with us
  • Become a member
  • Sign up for our press releases
  • Subscribe to our newsletters
  • Contact us

Quick links

Language editions

Privacy Policy & Terms of Service

Sitemap

© 2024 World Economic Forum