In today’s digital business landscape, it’s impossible to be fully prepared to consistently foil every single kind of cyber attack with guaranteed success. While cybersecurity technologies – ranging from threat detection to active defence solutions – are improving at pace, cybercriminals are responding with greater stealth and innovation. Even against vigilant, dedicated cybersecurity systems, attacks may still get through.
“How do we stop an attack?” is still a crucial question for every company across every sector. However, an equally vital question for today is: “Are we ready if an attack does succeed?” Cyber resilience (also referred to as ‘digital resilience’) enables an organisation to limit the damage of attacks that penetrate their defences, while ensuring that they can continue to operate as effectively as possible.
New threat patterns target the ultimate soft spot – human activity
In its most recent global threat report, CrowdStrike says that the overall “hardening of the attack surface” (thanks to advancements in threat awareness and defence technology) has caused cybercriminals to rely more on stealth and deception to achieve penetrations.
Rather than attacking into solidly prepared defences with “brute force” methodologies, hackers are relying on more sophisticated techniques (phishing, social engineering and access brokers) to trick human employees into giving up their access credentials. “Interactive intrusion” techniques are also becoming more popular, where attackers mimic expected user and administrator behaviour, making it difficult for the defenders to differentiate between legitimate user activity and a cyberattack.
According to the 2024 report, hackers are moving away from malware (malware-free cyberattacks rose to 75% last year, up from 71% in 2022), but the frequency and impact of successful intrusions are rising. Ransomware is the current tool of choice for Big Game Hunting (BGH) attackers, costing businesses a record high $1 billion in paid ransoms in 2023, alongside an additional average cost of $5.13 million per attack in lost business and post-breach response actions – not to mention the more intangible cost of reputational losses.
With attackers more determined than ever to gain access by any means necessary, businesses must look beyond their immediate or “front-line” defences and create a digital infrastructure that cannot be compromised so comprehensively should their preventive measures fail.
Creating cyber resilience is a combination of mindset and practical measures
While every organisation and its operational setup will require a unique approach to cybersecurity and cyber resilience, there are general areas of focus that are more important in the current and emerging threat landscape.
As businesses strive to make themselves as small and hard a target as possible – without compromising their ability to function operationally as they see fit – cyber resilience will assume a greater role at both a technical and philosophical level.
Implement Multi-Factor Authentication (MFA)
Identity-based and social engineering attacks are on the rise. If successful, they offer instant access and control, and they are hard to detect. Accordingly, MFA has taken on an increasingly important role in ensuring that attackers don’t gain unfettered access, and cybersecurity teams can maintain cross-domain visibility and better identify malicious use of legitimate tools. Relying on passwords is no longer enough; next-gen endpoint technology is a backup defence all cyber resilience companies need.
Educate your staff
Staff can be an organisation’s greatest cybersecurity weakness, or a source of strength. Train your team on all elements of good cyber hygiene (practising strong password protection, identifying suspicious requests, recognising social engineering attempts, etc) and how to report issues swiftly.
Segment Networks
Should intrusions occur, a cybersecurity system should be capable of slowing attacker’s progress, limiting their access while ultimately buying time for detection efforts and countermeasures to kick in. Isolating sensitive data and mission-critical systems from the rest of the network is essential for limiting the organisation’s overall exposure to an attack. Zero Trust Network Access (ZTNA) is another approach gaining popularity, as it connects users only to specific applications or systems rather than providing broad network access, limiting attackers’ lateral movement.
Make cyber resilience part of your corporate culture
Static defence is easily outmanoeuvred; to stay ahead of the threat landscape, cyber resilience needs to be embedded into every aspect of an organisation’s culture. User awareness programmes, routine updating and replacement of legacy systems, incident response planning and training – these are all elements that can instil a sense of preparedness if the worst should occur.