Monday, 3 October 2016

Towards a Cyber Resilience strategy (Cyber Security Awareness Month – Oct 2016)

As most of you already know, October is Cyber Security awareness month. The aim of the Cyber Security awareness month is to raise awareness across the international community about cyber threats, discuss best practices, and educate the public and private sector, on how to stay safe online.

Cyber Security is promoted extensively during this month and many events are being organized with the sole purpose to engage and educate public and private sector entities, while provide them with the necessary tools and resource to stay safe when connected online. Given the opportunity let’s talk about the UK’s Cyber Security Clusters and how you could get to engage, participate, network and most importantly ask any questions that you currently have regarding your organizations cyber security posture and staying safe online.

In the UK, the South Wales Cyber Security Cluster is the largest cluster* having as many members as all other clusters in the UK combined. The cluster has been formed under the umbrella of the UK Cyber Security Forum, by a number of cyber security focused businesses and information security experts. The aims of the cluster are two-fold. Firstly, it is to support members by communicating National and International initiatives and trade opportunities, providing a networking platform to share ideas and best practice, encouraging collaboration and identifying partnership opportunities so that small cyber security specialist businesses in Wales can find new ways to grow. Secondly, to support the Welsh Government’s commitment to Cyber Security (and UK Government’s Cyber Security Strategy) by building cyber security knowledge, skills and capabilities in the Region, to make businesses more resilient to cyber attacks and the Region one of the most secure places in the world to do business. So, our first tip for the Cyber Security Awareness month, is for you to find out when is the next meeting of your local Cyber Security Cluster and seize the opportunity to attend.
Boards of directors and executives worldwide have started realizing that cyber security is actually a prominent risk issue with devastating outcomes in most cases. Data breaches, compromised networks, and significant loss of revenue due to security vulnerabilities is almost a daily story on the news. Especially when it comes to high-profile targets that affected millions of customers. The forthcoming GDPR is a regulation that focuses on raising the bar in the way cyber security is perceived worldwide and more specifically when it comes to protecting data being stored and transported within the EU, but also for any business that are storing EU customer data in geographic locations outside the EU as well.
A holistic approach is needed.
Indeed, there is no silver bullet when it comes to security but this should not be used as an excuse when it comes to protecting the mission critical systems of an organization. When it comes to Cyber Security, companies tend to narrow the scope and usually focus only on protecting selectively high value assets in order to stay within their allocated budgets. This practice has worked for years but carrying it on to a fast evolving threat landscape where systems and services are exponentially more complicated to what they used to be, has already started introducing cracks and weak points which are not visible or easily spotted. Effectively, trying to use security in an ad-hoc manner, here and there, ends up being more expensive than anticipated and in most cases creates a false sense of security, when in reality this kind of tactic only allows to turn a blind eye to what the real problem is. In fact, according the Center of Internet Security a significant percentage of cyber-attacks, up to 80%, can be prevented with just a few simple proactive measures and a preventive culture within the organization.
Focusing towards Cyber Resilience.
Cyber Resilience may sound just like another buzzword being used by the information security industry. However, there is a deeper meaning and reasoning why Cyber Resilience is the way forward. The first reason is the holistic approach to the organization’s cyber security posture. The second reason, is the results of having a holistic approach when it comes cyber security, especially when it can reduce your expenditure allowing you to stay within budget while upgrading at the same time to an around the clock systemic visibility and real-time response.
An action plan to protect an organization under a holistic approach is not a trivial task, it is however feasible when the requirements are put into a realistic perspective and are broken down into individual steps.
Know yourself: Each department throughout an organization (IT, sales, finance, legal, marketing, HR, etc.) needs to come together and discuss their common enemy, which is none other than evolving cyber threats and cyber criminals. This can only be done when the organizations cyber security posture is treated in a systemic way, by identifying the gaps and risks across the whole business. If necessary, consult an external cyber security expert who will review the organizations cyber risk profile and assist the decision maker to understand where they are standing. In some cases, this discussion starts with reviewing the results of a cyber security awareness assessment, that leads to proper training, and then breaks down to the specific needs of each department participating the review process.
Devise a plan: By hypothesizing attack scenarios, develop a good idea on what is exposed, what particular type of attacks can affect the organization, which are high value targets, what kind of vulnerabilities are present and assess the impact in each scenario. This process not only sets the foundation for constructing a proper response plan, but also determines the recovery process within an acceptable time frame for the business. Furthermore, this process highlights any hidden weak points, vulnerabilities that slipped through the cracks and most importantly what needs to be reviewed further. At this stage, engaging with an expert third-party allows for a faster, better, efficient and effective adaptation to emerging cyber threats, dramatically reducing the risk of being targeted or even breached.
Mitigation Strategy: It is not possible to know for sure or predict emerging cyber threats and the effect that will have to the business (e.g. lost revenue, reputational harm, stock price). Having rough estimates provides a far more realistic idea to what is at stake, the consequences of unrealistic expectations, and up to what level risk should be considered acceptable. The outcome at this stage will further assist when it comes to deciding the right cyber insurance coverage. In the meantime, the mitigation strategy will involve all the necessary steps to determine what is the greatest threat depending the particular nature of the organisation, up to what level it can be mitigated and how, and what specific investments are needed in order to avoid unnecessary future costs.
Adaptive solutions: Decision makers should take into account that security is not an out-of-the-self product, and the misconception that more money being spend can improve security, needs to stop. Consequently, when it comes to investing in a solution, a product or a service, what matters the most is how adaptive and scalable that solution can be in order to meet any specific needs set forth, rather than introducing a false sense of security instead. The secret in this stage is not to try to introduce solutions here and there, to meet individual security and regulatory requirements which inevitably will increase the overall cost, but approach the problem in a holistic attitude. Utilize the expertise of third-parties and discuss how their solutions can assist in that challenging task, how adaptive they are, what kind of flexibility they offer in this fast evolving threat landscape, what is the added value, and most importantly how will it keep everything within budget.
Cyber Resilience: Being able to become Cyber Resilient is a task that requires the efforts of many parties from within the same organization and often, third-parties are deeply involved as well. The aforementioned steps put into perspective what needs to be done today, in order to avoid any claims or negligence following a potential breach, and display clearly the necessary due diligence in this era of fast evolving internal and external cyber threats.
Cyber crime and cyber criminals act as an opportunistic scheme, that most of the time target the low hanging fruit. The security industry’s professionals and experts are tasked with the challenging task of protecting a vast amount of heterogeneous information systems against a chaotic cyber warfare taking place between threat actors and defending parties. By focusing towards a cyber resiliency strategy today, allows security professionals to better defend what is already in place, provide them with the tools to detect and respond in real-time around the clock, and recover in the unfortunate event of a breach.

Why DeepRecce?

At DeepRecce, we believe that today’s Cyber Security services and solutions not only need to be scalable and dynamic, but also meticulous and focused. Our holistic approach when it comes to better defending and protecting an organization, not only engages state-of-the-art solutions but also ensures it is the right solution for the problem. Our managed Security Operations Center (SOC) is currently the most rapidly deployable in the market, with a fully adaptive profile, to meet any challenging needs set forth. Our Offensive Cyber security services along with our fully scalable and adaptive managed SOC ensures a systemic approach to today’s cyber security challenges while defending against tomorrow’s emerging threats. 
Talk to us today and let us discuss YOUR Cyber Resilience Strategy.

* The South Wales Cyber Security Cluster, a networking group for all those with an interest in all aspects of cyber security, run open meetings on the 3rd Tuesday of every month at various venues across South Wales. As October is Cyber Security Awareness Month, the cluster has merged their meetings into the Get Safe Online Event, hosted by the Southern Wales Regional Cyber Crime Unit. The Unit have linked up with Get Safe Online, Welsh Government and the South Wales Cyber Security Cluster to provide an opportunity for attendees to learn from industry experts and ensure your business is not left vulnerable to cyber-attacks. In addition, various Cluster members will be showcasing their capabilities at the event and will be on hand to answer questions and offer support. Full details can be found at

[Update: 14/Oct/2016]: The blog post “Towards a Cyber Resilience strategy for Cyber Security Awareness Month – Oct 2016”, has also been published by Tripwire and has been included in the daily cyber report circulated by NCIRC NATO.

This is a blog post I created for DeepRecce and it can be found at this link.

No comments:

Post a Comment