With a cyber attack taking place every 11 seconds and the cost to recover from a ransomware attack having doubled, building cyber resilience has never been more critical. To build cyber resilience – organisations need to collaborate and work together with a variety of stakeholders, technology providers and a combined effort from the public a private sector. Building resilience today takes a village.
The first episode of the series examines the ecosystem required to build cyber resilience and cyber preparedness. Particularly – Jim and Liz examine why it is through partnership and collaboration that organisations can best mitigate risk and excel at cyber defence and preparedness.
In this episode of “Need to Know” host Liz Green, EMEA Advisory & Cyber Lead at Dell Technologies, is joined by Jim Shook, Director, Cybersecurity and Compliance Practice at Dell Technologies.
Listen In To Learn
- What cyber resilience really means, and how it differs from – but works closely with – cyber security
- Why organisations can’t build cyber resilience in a vacuum, but require support from a wider ecosystem
- Who makes up the ecosystems, and why they require cooperation at all levels – even between competitors
- How ecosystems come together to improve and ensure cyber resilience strategy for all parties
First Things First
Understanding the differences between cyber resilience and cyber security – and where the two come together – is a vital first step in establishing your strategy. The difference is primarily in their focuses: cyber resilience focuses on protection of business outcomes, whereas cyber security prioritises technical controls and processes. While they share an ultimate goal of keeping organisations safe from potential attacks, their methodology and primary goals are different.
The core tenants of effective cyber resilience can be considered supporting organisations in withstanding, adapting to and recovering from adverse events. To fulfil the ‘withstand’ element, better controls must be implemented to prevent bad actors from being able to access systems. Adaptation requires looking at processes that may already be in place and making modifications to them to ensure emerging risks are counteracted. While recovery may seem like a worst case scenario, it is vital in ensuring business survival and continuity, and includes aspects such as Data Vaults.
It Takes a Village
“Cyber resilience isn’t something a business can do in a vacuum.” – Liz Green
In a world where a cyber attack takes place every 11 seconds on average, coming together as a community can be integral to increasing resiliency. While it takes a village to implement effective resilience strategy, who are the villagers?
Within an organisation, effective cyber resilience requires cooperation and coordination across the board, with no one team holding full responsibility. The burden does not just rest with the IT or cyber team, but also with legal, risk and compliance teams, as well as being driven from the top down to ensure strategy is comprehensive.
Of course, external technology and advisory partners like Dell Technologies are also key players within the ecosystem, helping organisations through expert guidance and supplementing teams with a holistic overview. But it isn’t just internal teams and partner organisations that can come together in the name of cyber resilience. Sheltered Harbor stands as a fantastic example of organisations – even competitors – coming together in the name of cyber resilience to work together to counter potential attacks and breaches that would have a domino effect across the financial services industry.
Checking your blind spots
“Cyber resilience is a verb, and requires constant action.” – Liz Green
While some organisations might be tempted to go it alone, active and effective cyber resilience cannot be performed in a siloed way. The start of establishing a strategy involves taking an overview of your most important processes and infrastructure, to self-examine business goals and performance, and this requires an outside perspective to be truly effective.
It is natural for organisations to have blind spots and struggle to see their business and processes from an outside perspective. For those that have not had to recover from a cyber attack or breach, having an experienced advisor who has experienced such a recovery can be invaluable in strong cyber resilience strategy. As the risk and threat landscape is constantly evolving, so too must cyber resilience as a discipline, and a dedicated community and ecosystem, working together, is the best way to keep pace.
At Dell Technologies, our objective is to provide a deep and broad portfolio of products, delivering specialist solutions for our clients, and partners enabling these solutions. To find out more about our range of cyber resilience solutions, as well as our comprehensive cyber security offerings, click here.
You can listen to all episodes of “Need to Know” podcast, including this conversation on cyber resilience, here.
