In addition to the ongoing asymmetry of the cyber struggle, and complexities of protecting our business’ increasingly digital operations, we are also faced with the social, geopolitical and economic challenges related to the global pandemic. Timothy Eades, CEO, vArmour explains why IT leaders need to think about the bigger picture â€” the geopolitical risks from hostile foreign powers to reduce risk exposure.
The Cambridge Dictionary defines resilience as â€œthe ability to be happy, successful, etc. again after something difficult or bad has happenedâ€ which seems particularly apt for the times we live in. The relentless flow of news stories is mostly centered around cyber-attacks, hacks, and breaches. Criminals and hackers don’t seem to take a rest and are always ready to breach the organizations’ defenses.
In addition to the disruption in business environments, organizations are also faced with the social, geopolitical and economic challenges related to the global pandemic. With so much going on, where do we focus? In this article, we take stock of the current threats landscape and outline how IT leaders can strike the right balance between protecting areas of highest business criticality and at the same time, be aware of the growing geopolitical risks.
Focus on Business Risks
The cyber threats to an organization can be overwhelming and it can be easy to become distracted with the latest vulnerability or breach. From a business perspective, we should focus on protecting your areas of highest business criticality (including its dependencies, but more on that later), understand risks and potential impacts specific to those functions and construct a system to align controls and architecture with business criticality. Taking a business-focused approach lets you avoid being overwhelmed, and it also helps you to align your cyber and technology strategiesOpens a new window with your business strategy. That final point on alignment can transform your role within your organization.
Be Aware of the Changes in Geopolitical Risk
The daily news reminds us that the world is becoming a very uncertain and dangerous place. Geopolitical threats from hostile foreign powers extend beyond government and military targets as disinformation and disruption has become a tactic across business and society. We are seeing regulators increasingly focused on understanding dependencies and relationships that extend into hostile regions, and those hostile regions are extending beyond the nations we were concerned about just a decade ago. Understanding global cross-border dependencies across your application relationships and instantiating effective controls and observability is going to become one of the cyber priorities Opens a new window over the next few years.
Of Course, Think About Your Operational Risk and Cyber Risk
Build in Resilience as Part of the Architecture
Once you take a resilience-led approach to cyber and operational riskOpens a new window , your mindset and strategy will change. Historically, we have sought controls to allow us to mitigate risk and recover from events, whereas a resilience mindset leads you to consider building-in inherent capabilities within your application and cloud architecturesOpens a new window . If you embrace secure development practices, automation, and control planes that ensure your application deployments continue to meet your business requirements for cyber resilience, then the need to bolt-on controls (which add complexity and brittleness) become less important.
Understand Your Dependencies in Highly Dynamic World and Take Steps to Ensure you Continue Doing So
There is an underlying challenge that all medium to large organizations have experienced in attempting to respond to cyber and operational failures â€“ unknown dependencies and their impact on critical business functions. Enterprises have complex Service Oriented architectures and their applications are highly interconnected. The rapid rate of change driven by automated Cloud infrastructureOpens a new window and CI/CDOpens a new window development practices have only compounded the problem. In order to maintain a resilient posture, organizations need to understand their dependencies in terms of applications, infrastructure, geographic locations and third-party service providers at all times. A decade ago, this process was highly manual, expensive and often inaccurate. Now tools in the Application Relationship Management space can automate this for you to reduce cost, improve accuracy and ensure that your organization is always prepared to respond to changes to the risk assessment, attacks and failures.
Use the Power of Cloud and APIs
Modern software-defined infrastructureOpens a new window and public cloud services have added a layer of complexity to cyber and IT operations. However, they have also added a wealth of services and telemetry that can be leveraged to build in resilience without the complexity of adding a ton of new security products to your architecture. API driven securityOpens a new window control planes that can interface to your cloud-native securityOpens a new window controls while abstracting their complexities and differences allow you to fully embrace the power of the cloud without needing to be an expert in every single environment and low-level security feature.
Lastly, Think About Your Most Important Assetâ€”Your People
Simplify and Focus
Cybersecurity Opens a new window is based upon the pillars of People, Process and Technology and we should reflect upon the unprecedented effects of the past few months on our people. As the home has become the workplace and lines blur between personal and professional we should be driven to think about how we can simplify aspects of working life, to reduce the chances of human error, and to focus efforts on the areas of importance. For security teamsOpens a new window , that means focusing on business risk and utilizing tools that simplify and automate repetitive, complex error-prone tasks. How do our tools help our security professionalsOpens a new window to focus on risk and business value as opposed to the details of cloud environments and security tooling?
How are they Affected as We Transition to the â€˜New Normal’?
Events of the past week have reminded us how insider threats Opens a new window can have real impact on even the most sophisticated technology platforms. We must also consider stresses of â€˜shelter in place’ and longer-term worries are having real impact on our people, at the very moment we are no longer able to meet â€˜face to face’. Many organizations transitioned fast to â€˜shelter in place’ and many are now reconsidering their threat models to consider the implications of a highly distributed, remote workforceOpens a new window at this time of great stress and uncertainty.
Don’t Forget to Educate
One of the biggest successes I have found over the past few months comes from the space created to bring our teams together, to communicate openly about the problems we face together, and to educate ourselves around risks, opportunities, new disruptive technologies and new ways of working. By focusing on education and proving that we are here to support and improve each other, we can lay the foundations of increased cyber awareness, a renewed determination to protect what’s important, and the understanding that cyber resilience Opens a new window is everyone’s responsibility.