Staying one step ahead: Strategies for cyber resilience
In association with Dell Technologies Ireland
In today’s data driven landscape cyber attacks are an ever-present concern for organisations in Ireland and of course, right across the world, and for good reason – the success rate for attacks is on the rise and confidence among leaders is low when it comes to being able to recover all business-critical data after a major incident.
According to our most recent Data Protection Index, 67% of organisations aren’t confident that their data protection will stand up against today’s advanced malware attacks, and a further 63% say their data recovery isn’t up to the task either. The challenge for organisations is that, as they evolve and grow, so too do the methods cyber criminals use to break through their defences.
Much of our time today is occupied by thinking through the evolving ‘threat landscape of the AI era’ and how we can build a modern effective capability to prevent the ever-mounting threat of a modern and catastrophically effective adversarial attack. But equally important is the planning and capability we put into recovery in the event of such an attack. Succeeding in today’s threat landscape requires employing a mix of preventative and reactive tools, as well as having a firm disaster recovery plan in place for when things go wrong.
As we mark the end of Cyber Security Awareness Month, here are some of the core strategies that Irish businesses can put in place to stay ahead of the threat landscape.
Zero trust lessens the impact of threats
Traditional methods of preventative cybersecurity have largely focused on a ‘perimeter-centric’ approach. This means using a security framework based around the ‘trusted known’ inside the perimeter, such as employers or partners, and the ‘untrusted unknown’ outside the perimeter which includes hackers and other bad actors.
However, increasingly sophisticated human engineering methods, such as phishing e-mails and calls, can mean that bad actors can enter the network under the guise of a ‘trusted known,’ and, once inside, they have free reign to an organisation’s entire system.
Zero trust is a cybersecurity framework that addresses this issue, by introducing and inserting ‘zero trust principles’ into our ecosystems through continuous validation methods for everyone and everything accessing the network to ensure it remains secure and trusted. For example, an employee accessing e-mails may be prompted to complete a two-factor authentication step to gain re-access after a certain time period has passed. This means that any user can be individually denied or granted access to the designated system in real-time.
For hackers, the impact is that even if they do successfully infiltrate a business network, they remain in confinement and are unable to spread further within the system – potentially avoiding a significant escalation of an attack.
Reacting to an attack
When faced with a large-scale attack, a significant challenge for IT teams is time and resource, fighting an attack with increasingly limited resources due to factors such as the global shortage of skilled IT workers.
It’s important that businesses in Ireland keep their IT teams, and wider teams, prepared for a cyber-attack. This means regularly simulating fire drill attack scenarios that will give teams the experience they need to respond quickly and decisively when a real attack strikes.
Another method of tackling the issue of limited resource is to expand the response team with a partner. managed detection and response (MDR) services can provide organisations with a fully managed, end-to-end, 24×7 solution that monitors, detects, investigates and responds to threats across an organisation’s entire IT environment.
Cyber crime is a global business, so having a team in place who can provide around the clock protection for an organisation can give IT teams world-class support in the event of an attack.
Recovering from an attack
Sometimes, despite our best efforts, things go wrong. When this happens, organisations that plan for the worst by minimising the blast radius of a modern cyber attack and using modern cyber technology to provide for recovery will be best positioned to minimise damage to the business. Time is of the essence during a cyber attack, so comprehensive disaster recovery is key to mitigating the impact.
This is why a reliable cyber recovery vault, an isolated repository of all essential business data and systems, is a critical part of an organisation’s cybersecurity plan. The vault separates the organisation’s most important data from the rest of the infrastructure, so in the event of an attack on the main system, the vault can be accessed separately and used to quickly restore business functionality once the attack has been contained.
Cyber security is a practice that now evolves on a minute-by-minute basis, so organisations need to be prepared for all eventualities. It’s undeniable that the threat landscape is complex, but it’s far from a losing fight. If organisations employ tactics to prevent, react and recover, and work with partners who can help them predict and prepare for future threats, their cyber resilience, and confidence in the face of attacks will continue to grow.
Strengthening cyber resilience
Cyber Security Awareness Month provides a valuable opportunity for businesses and organisations across Ireland to raise the level of understanding of cybersecurity threats and protect themselves online through education and sharing of best practice.
At Dell Technologies Ireland, we are supporting organisations across the island of Ireland to strengthen their cyber resilience while they innovate and grow at speed. For example, with the rise in cyber threats in recent years, Ulster University tapped into Dell’s expertise to enhance its cyber resilience strategy. Through the guidance of our team and technology capability, Ulster University’s IT team can address any potential cyber threats and ensure robust recovery capability to restore operations in the case of an attack.
The core strategies we have outlined will not only help businesses and organisations to stay one step ahead of evolving cyber threats, it will put cyber security at the very heart of business strategy and workforce development in 2023 and beyond. This is exactly where it needs to be as we enter the exciting but largely unexplored landscape of the information era.
Marc O’Regan is CTO, EMEA, Dell Technologies
Subscribers 0
Fans 0
Followers 0
Followers