6 Steps to Ensure Cyber Resilience

To minimize the impact of cyber incidents, organizations must be pragmatic and develop a strategy of resilience for dealing with break-ins, advanced malware, and data theft.

Grayson Milbourne, Security Intelligence Director, OpenText Cybersecurity

May 30, 2022


The frequency and severity of cyber threats are escalating and will continue to get stronger as cybercriminals pivot from one target to the next to maximize profit potential. Sooner or later, an attack will be successful. This presents a huge risk for businesses that lack sufficient cyber-resiliency preparation to stop the spread and recover quickly.

Cybercriminals are becoming experts in deception, which makes them increasingly difficult to detect. When they infiltrate an organization’s system, the door remains open for them to recode and encrypt a business's data. Once this happens, cybercriminals gain control (of data and systems) and can hold a business's information for ransom.

Beyond the ransom itself, further costs are incurred following a ransom attack. Of those companies falling victim, 74% report business disruption lasting more than a day, with 28% taking a week or longer to recover from a ransom attack. For many, especially small and midsize companies, the financial and reputational repercussions of recovering from the attack can be devastating.

Cyber-Resilience Framework

To minimize the impact of cyber incidents, organizations must become pragmatic and develop a cyber-resilience strategy for dealing with the ramifications of cyber incidents. While reducing cyber-risk doesn’t guarantee there will never be a creaky backdoor for cybercriminals to slip in, it decreases the opportunities for attack and can accelerate an organization's recovery rate.

A cyber-resilience framework must include numerous elements of prevention and the ability to recover (if an attack is successful). There are six steps organizations can leverage when creating a multipronged cyber framework to achieve cyber resiliency.

1. Identify

Organizations cannot protect what they have not identified. IT teams must regularly scan the organization's entire IT footprint, including endpoints, servers, and cloud applications. This ensures that assets, as well as potential vulnerabilities, are identified before cybercriminals can exploit them.

2. Protect

With the hybrid work model here to stay, employees' remote devices are often the first target for cybercriminals. To mitigate this risk, organizations must ensure employee devices have endpoint protection solutions enabled so that cyber intrusions are automatically blocked while employees' work routines are left undisturbed.

3. Detect

While prevention is key to reducing cyber-risks, one thing can be said about cybercriminals: They are persistent. If they meet a closed door, they will try another. Threat intelligence and experience-based detection are essential to prevent a cyberattack attempt from evolving into a major cybersecurity breach.

4. Respond

If a threat is detected in the third step, organizations can find themselves in a harmful spot when considering business continuity. To lessen the impact of a cyber breach, organizations should have a predefined playbook for times of crisis. This step can reduce the period of panic and allow IT teams and the entire organization to act promptly and efficiently when a breach is detected.

5. Recover

In many cases, a cybercriminal will create their own backdoor as they infiltrate an organization's system. This allows cybercriminals to return and continue to collect the information needed to hold a business for ransom. To make their own return to operation easy, organizations need to back up critical servers and endpoints. This allows organizations to recover damaged devices and use their backup file recovery as a lifeline.

6. Educate

This step comes back to cyber protection being only as strong as each remote employee. Cyber awareness is essential when establishing cyber resilience, so IT teams need to take the time to educate employees about cybercrime tactics such as phishing and business email compromise. By consistently implementing periodic, easy-to-understand awareness and response training, organizations are one step closer to ensuring cyber resilience and mitigating human risk.

From Framework to Action

Unless implemented, a framework is just a blueprint. Organizations must build a cyber-resilience plan into their cybersecurity infrastructure to ensure effectiveness. Furthermore, a cyber-resilience framework can act as a confidence assessment guide. Business leaders and IT teams alike must reevaluate their action plans to achieve practical cyber-prevention methods for the next time cybercriminals knock at the backdoor.

About the Author(s)

Grayson Milbourne

Security Intelligence Director, OpenText Cybersecurity

Grayson Milbourne is the Security Intelligence Director at OpenText Cybersecurity, a division of OpenText. Grayson’s nearly two decades of security intelligence expertise include malware analysis, data science, and security education. In his current role, Grayson is focused on efficacy development to ensure the company’s security management products (which include the Webroot portfolio) are able to defend against the most cutting-edge threats.

Grayson is a longtime advocate for better third-party testing of security products and represents OpenText Security Solutions at the Anti-Malware Testing and Standards Organization (AMTSO). Through his efforts, AMTSO released testing standards that greatly improved testing quality when followed. Grayson is an avid participant in the security community and drives awareness of current threats by speaking at major events such as RSA and Virus Bulletin. He is a frequent guest on local NBC affiliates and several cybersecurity podcasts.
