So far in our blog series on cyber resilience, we’ve covered what is cyber resilience and looked at the difference between cyber resilience and cyber security. In this final blog, we’ll examine the type of cyber resilience services available and how to select the appropriate services for your business.
We’ve known for a long time that it’s a matter of ‘when, not if’ as far as data breaches are concerned for virtually every organization. Cyber security is the first line of defense. But a company relying on cyber security alone isn’t enough. As cyber attacks increase and hackers become smarter and more determined, holding back those waves is no longer possible.
You can define cyber resilience as the ability to minimize the risk of a successful attack, and the ability to respond and recover after an attack has happened. It centers on how quickly you can return to business as usual and learn from those experiences to bolster your protection in the future.
Why is cyber resilience important?
In the first six months of 2020, at least 16 billion records, including credit card numbers, home addresses, phone numbers and other highly sensitive information, have been exposed through data breaches. In 2019, research demonstrated that 60% of businesses had experienced serious cyber security breaches in the previous two years.
It’s not just the largest organizations that are at risk. Hackers are increasingly targeting small and medium sized businesses where they know that there is plenty of sensitive data but information security may not be quite as strong. Small to mid-sized business have a lot to lose when attacked. When these businesses are breached one in ten will cease trading.
These brief statistics should underline the importance that organizations of all sizes require an effective cyber resilience strategy. In some ways, it may be more important that smaller organizations adopt cyber resilience solutions. The cost and reputational damage for large organizations can be enormous but they are likely to be able to make a recovery. The potential for complete and final disaster should focus small and medium sized – even some larger companies – on the need to handle data breaches when they occur.
The role of cyber resilience services
It’s possible that companies in the Fortune 100 are big enough to handle the cyber resilience requirements by themselves. For everyone else, building cyber resilience is something they are likely to struggle with unless they turn to outside help.
In truth, there are so many moving parts to a successful cyber resilience strategy. It takes a new way of thinking in terms of information security and data protection and involves a different set of skills – not only on cyber resilience technologies but also in establishing new governance and policies around security and managing organizational change.
Where cyber security could be seen as the province of the IT department, cyber resilience is everybody’s responsibility. Each individual business user needs to know the policies and procedures and their role within them.
Cyber resilience services providers deliver the skills and knowledge organizations need to move to the next level of information security. More importantly, cyber resilience services make available and affordable capabilities that would otherwise only be within the reach of the largest enterprise.
A brief note on defense in depth: This approach has been popular in cyber security for many years. You layer solutions to deliver more and more protection. The same approach can apply with cyber resilience. In fact, it’s the only way to achieve lasting resilience over time as it’s highly unlikely to get there in one attempt. Cyber resilience services allow companies of all sizes to start small and build the layers of protection they require. It makes it affordable and achievable for smaller organizations to embark on their cyber resilience journey.
7 cyber resilience services every organization should deploy
There are many reasons that organizations begin to explore cyber resilience services. Often, smaller organizations react to the effects they see from data breaches on larger organizations in their industry. On rare occasions, organizations have been spurred into cyber resilience when a government agency informs them that there are malicious parties actually on their network. Some of the key cyber resilience services include:
The top cause of breaches isn’t malware or stolen credentials. It’s successful phishing attacks, which 96% of the time arrives via email. The reason they are successful is quite simply, people still trust content and links that they shouldn’t. The good news is Running 11 or more training courses over 4-6 months reduces phishing click-through by 65%, according to the Webroot 2020 Threat Report. This underscores the need for OpenText™ Security Awareness Training as the first line of defense in protecting a business against cyber threats.
Approximately 350,000 new malicious programs are discovered every day. But, which malware is an actual or existential threat? For each organization, it’s critical to assess risk and determine which attacks warrant immediate action and which pose a lower threat. The best threat hunting services go beyond the current industry practice of only using network logs as the standard way to hunt for threats to incorporate telemetry information from the endpoint. For example, OpenText Threat Hunting Service uses best in breed technologies with custom workflows leveraging machine learning and MITRE ATT&CK framework to enable detection in real time to dramatically reduce time to remediate.
According to the SANS 2019 Incident Response (IR) Survey, many organizations are slow to react to security threats and breaches. In all, 42% of respondents said it took two or more days to detect a threat and, post-incident, 52% said they needed to manually reimage or restore their compromised machines. Incident response is becoming an essential cyber resilience service. It continuously monitors your network to detect known and unknown threats in real time. Advanced threats are quickly isolated to stop them spreading, allowing for effective remediation without affecting business performance.
Cybersecurity attacks often start at endpoints, such as workstations or mobile devices then pivot to critical data sources on servers. With technologies like IoT and cloud now becoming prominent, there is an increasing surface area for hackers to attack. In fact, the 2019 SANS Survey on Next-Generation Endpoint Risks and Protections found that 28% of respondents confirmed attackers had gained access through enterprise endpoints. Endpoint security services enable you to monitor all enterprise endpoints to detect attacks and react quickly to minimize the damage. The best cyber resilience services for endpoint security include advanced features such as DNS filtering to ensure you know the traffic on your network and dynamic analysis to stop data exfiltration following a breach.
Managed detection and response
It seems hackers never sleep so you have to be on your guard 24 hours a day. Managed detection and response services deliver 24×7 expert monitoring of your network. The service provides real time threat detection and validation to instantly contain and remediate breaches. The leading managed detection and response services offer a range of advanced detection methods including behavioral analytics, network traffic analysis, and threat hunts all back by a flexible level of expert resource to meet your business requirements.
Managed back-up and recovery
One of the major elements of any cyber resilience environment is effective back-up and recovery. With Ransomware on the rise and more companies paying out to regain their data, back-up is vital to enable you to quickly restore the data that the hackers are holding hostage. Introducing strategies that place the backed-up data on another network or server help overcome the threat from Ransomware. In addition, services are now appearing where the data is backed up to the cloud and is available as Back-up-as-a-Service (BaaS). Some leading back-up and recovery services offer back-up options that may not actually be available directly from the software vendor. For example, OpenText’s Carbonite Backup for Microsoft 365 offers multiple options for recovering data from all Microsoft 365 applications, offers multiple options for recovering data from all Microsoft 365 applications, while OpenText Carbonite Endpoint Protection protects data on desktops, laptops, and tablets.
Managed security service
One of the major trends in cyber resilience is the growth of Managed Security Service Providers (MSSP) that deliver a complete, end-to-end managed solution to your security needs. Factors such as the rise in data breaches and increase in cyberattack sophistication has led many organizations to minimize cost and risk through working with trusted providers. The result is a rapid growth in the managed security services market, estimate to expand from $31.6 billion in 2020 to $46.4 billion by 2025.
MSSPs combine all the services outlined above to provide a comprehensive package that enables them to become, in effect, your outsourced Security Operations Center (SOC). For example, OpenText MSSP services include:
- Network security
- Endpoint security
- Vulnerability management
- Cloud security monitoring
- Email security
- Threat detection & Intelligence
- Digital forensics & incident response (DFIR)
- Insider threat monitoring & management
Realizing the benefits of cyber resilience services
With cyber resilience services you can begin to address your information protection and business resilience needs quickly and build your capabilities as the organizations requires. Most providers offer a comprehensive portfolio of customizable cyber resilience services based around cyber resilience best practices and industry experience. Look for providers that can deliver on-premise, cloud-based and hybrid solutions to give you the maximum flexibility when progressing along your cyber resilience journey.
Find out more about cyber resilience and other information security solutions from OpenText.