The 6 steps to ensure cyber resilience

Protection against cyber attacks is only as strong as each employee, whether they be onsite or remote.

With today’s dispersed and highly connected workforce, workplaces have become a boon for cyber attacks since there are more entry points into a companies’ IT systems than ever before.

With the increased permanence of hybrid working, vast numbers of employees are now essentially operating as an office of one, connecting to business applications through local networks that aren’t managed by IT teams, exposing businesses to further vulnerabilities, like ransomware attacks.

When cyber criminals infiltrate an organisation’s system, it opens the door for them to recode and encrypt the business’ data. Once this occurs, cyber criminals control a business’ data and systems which results in holding the business’s information for ransom.

Ransomware attacks are prime blockers for business continuity and disruptions can lead to devastating consequences.

In fact, research commissioned by Carbonite + Webroot revealed 37 per cent of organisations that endured a ransomware attack reported business disruption of seven days or more.

In addition, 39 per cent of survey respondents from organisations with 500 or more employees experienced one to two ransomware incidents requiring significant extra resources to rebound from the attack.

Yet, it doesn’t stop there. Three quarters of organisations that encountered a highly visible ransomware incident needed to take post-incident steps to assess and improve their organisation’s data protection and recovery practices. As such, these findings reflect the need for organisations to develop a strong cyber defence approach when dealing with cyber attacks.

VIEW ALL

Cyber resilience framework

The impact on business continuity from cyber incidents makes it critical for organisations to take action in order to lower risks. Organisations must become pragmatic and develop a strategy for dealing with the ramifications of cyber incidents.

While reducing cyber risk doesn’t guarantee there will never be a creaky back door for cyber criminals to slip in between, it decreases the opportunities for attack and can accelerate an organisation’s recovery rate. Organisations must implement a cyber resilience framework that includes numerous elements of prevention and the ability to recover. There are six steps organisations can leverage when creating a multi-pronged cyber framework to achieve cyber resiliency:

1. Identify

Organisations cannot protect what they have not identified. IT teams must regularly scan the organisation’s entire IT footprint including endpoints, servers, and cloud applications. This ensures assets as well as potential vulnerabilities are identified before cyber criminals can exploit them.

2. Protect

With the hybrid work model here to stay, employees’ remote devices are often the first target for cyber criminals. To mitigate this risk, organisations must ensure employee devices have endpoint protection solutions enabled to ensure cyber intrusions are automatically blocked while still allowing their work routines to be left undisturbed.

3. Detect

While prevention is key to reducing cyber risks, one thing can be said about cyber criminals – they are persistent. If they are met with a closed door, they will try another. Threat intelligence and experience-based detection are essential to prevent a cyber attack attempt from evolving into a major cyber security breach.

4. Respond

If a threat is detected in step number three, organisations can find themselves in a harmful spot when considering business continuity. To lessen the impact of a cyber breach, organisations should have a predefined playbook in times of crisis. This step can reduce the period of panic and allow for IT teams and the entire organisation to act timely and efficiently when a breach is detected.

5. Recover

In many cases, a cyber criminal will create their own backdoor as they infiltrate an organisation’s system. This allows cyber criminals to return and continue to collect the information needed to hold a business for ransom. To prevent an easy return, organisations need a back-up filing servers. This allows organisations to recover damaged devices and use their backup file recovery as a lifeline.

6. Educate

This step comes back to cyber protection being only as strong as each remote employee. Cyber awareness is essential when establishing cyber resilience so IT teams need to take the time to educate employees about cyber crime tactics such as phishing and business email compromise. By implementing periodic, easy-to-understand awareness and response training, organisations are one step closer to ensuring cyber resilience and mitigating human risk.

From framework to action

Unless implemented, a framework is just a blueprint. Organisations must convert a cyber resilience plan into their cyber security infrastructure to ensure effectiveness. Furthermore, leveraging a cyber resilience framework can act as a confidence assessment guide. Business leaders and IT teams alike must reevaluate their action plans to achieve practical cyber prevention methods for when the next time cyber criminal knocks at the backdoor.

Grayson Milbourne is the security intelligence director at Carbonite + Webroot.