Posted on Jun 29, 2020
Most organizations invest in cybersecurity hoping to reduce or eliminate the risk of a data breach. Risk, unfortunately, can never be completely eliminated — cyber criminals are constantly upping their game to get at money and data. In 2019, 76 percent of small and mid-sized businesses in the U.S. experienced a cyber attack, according to the Ponemon Institute’s most recent Global State of Cybersecurity in Small and Medium-Sized Businesses report.
So, what happens when that data breach occurs? How does an organization manage the breach and continue to function? The answer is cyber resilience.
Cyber resilience is an organization’s ability to keep functioning and achieving its business goals no matter what happens. If an employee falls for a phishing email that installs malware, but the security team contains the threat and the rest of the staff keep working through the incident, the organization is demonstrating cyber resilience.
It is a form of business continuity planning that covers not only cyber attacks and data breaches but other disruptions as well. If your employees now work remotely because of the pandemic and are still able to do their jobs and deliver business outcomes, that too is cyber resilience.
At its core, cyber resilience is about your organization’s ability to do three things:
If your organization can do those three things effectively, you’ll likely be able to weather an attack with minimal damage — you’ll be cyber resilient.
Cybersecurity is all about protecting your business from an attack on your digital assets. When you’re investing in cybersecurity, you’re investing in technology, practices and processes that are meant to protect your data, systems, and networks from a breach or an attack by cyber criminals.
In other words, cybersecurity is about minimizing your risk and avoiding an attack.
Cyber resilience is about making plans for what your organization will do when an attack happens. If your company’s data or platforms are held for ransom, how will your employees complete their daily activities? Do you have a backup system? If your web application is brought down by a DDoS attack, what plans are in place to get back up and running?
Investing in cyber resilience means acknowledging that attackers may sometimes be a step ahead of your technology, and that sooner or later one of them will get past your defenses and into your systems.
This mindset might seem defeatist, but it actually makes your security program more agile: once you accept that a breach is possible, you can prepare for one instead of being surprised by it.
There are several frameworks available to help your organization develop and assess its cyber resilience, among them the U.S. Department of Homeland Security’s Cyber Resilience Review (CRR), Symantec’s cyber resilience model, and NIST SP 800-160 Vol. 2 (Developing Cyber Resilient Systems: A Systems Security Engineering Approach).
NIST’s publication defines 14 cyber resiliency techniques, including adaptive response, analytic monitoring, contextual awareness, redundancy, segmentation, and privilege restriction.
Essentially, businesses that embrace an adaptive response to threats tend to be more agile when threats occur. Those that use redundant systems aren’t paralyzed when a breach compromises one system. Businesses that monitor both their own security and external threats are likely to be cyber resilient because they’re aware of both internal weaknesses and external threats.
As NIST points out, proactively monitoring both your own internal cybersecurity and the cyber threat landscape is important when you’re developing cyber resilience in your organization.
SecurityScorecard helps you do that by monitoring the cyber health of your enterprise across 10 groups of risk factors with our easy-to-understand A-F security ratings. Our ratings continuously monitor every part of your security operation, from DNS health to web application security to your patching cadence, and show you how cyber criminals see you from the outside by including information available on the open web. If your company’s name is showing up in hacker chatter, that appears in our score, as does any leaked credential.
If your score drops, you’ll know that something has changed, and our platform will then offer remediations to help you fix the problem before there’s a breach or an attack. By continuously monitoring your enterprise’s security, you’ll be able to take action and remain cyber resilient.