Insights: Embedding cyber resilience is key to a security strategy Insights: Embedding cyber resilience is key to a security strategy
Now Reading
Insights: Embedding cyber resilience is key to a security strategy

Insights: Embedding cyber resilience is key to a security strategy

Being cyber resilient ensures an organisation’s ability to mitigate damage, recover and continue business processes in the face of an adverse cyber event

Avatar
Security

As the world gets more and more connected, the benefits will always be accompanied with rising threats, which need to be managed and mitigated successfully to optimise the advantages of digital transformation. Today, all IT systems share a global risk of exposure, making it crucial for organisations to shift from cybersecurity to cyber resilience, towards a secure and sustainable knowledge economy.

The UAE cyberthreat landscape
This is especially true for organisations in the UAE, which witnessed a 178 per cent year-on-year increase in the frequency of cyberattacks in the second quarter of 2022, according to one study.

Among the most pervasive types of attacks are ransomware attacks, which have been increasing in frequency and sophistication, and are followed by social engineering and malicious insider activity. Additionally, our Threats and Vulnerabilities Report – Q3-Q4 2022 found that the total number of distributed denial-of-service (DDoS) attacks observed in Q3 2022 in the UAE was almost equivalent to the volume of such attacks in H1 2022. Moreover, DDoS attack numbers grew by more than 79 per cent in Q3, compared to Q2 2022.

Cyber resilience takes centre stage
These numbers make one thing crystal clear: it’s high time to see the writing on the wall for all those who still haven’t worked out a well-defined cyber resilience strategy. Being cyber resilient ensures an organisation’s ability to mitigate damage, recover and continue business processes in the face of an adverse cyber event. It’s essential to understand that resilience is not an overnight project, but instead needs to be a combination of preventive, detective, and responsive methods across the three pillars of people, processes and technology.

Today, cybersecurity has moved beyond being a sole domain of IT departments, evolving instead to become a business enabler when managed well, and a major hinderance when not prioritised. Governments depend on the collective resilience of businesses and individuals to avoid serious disruptions to economic stability, but this can be only achieved through strong business continuity plans incorporating cybersecurity controls at every step and well-structured incident response and recovery procedures.

Importance of partnering with MSSPs
How can organisations go about getting all of this done, while still being able to focus on their core business? The professionalisation of cybercrime and skill shortages in the cybersecurity industry don’t make it any easier. This, coupled with the transition from a product-based to a service-centric model, is making it increasingly lucrative to opt to outsource security operations and partner with trusted managed security service providers (MSSPs).

MSSPs can work as an extended division of the organisation, constantly monitoring, detecting and responding to threats as they happen, and addressing anything that might pose a potential risk to the business.

It’s important to set well-defined metrics to assess the capabilities of the MSSP as well as ask the right questions before trusting the security of your crown jewels to a third party.

For example, what is the scale and reach of the MSSP’s security operations? How many dedicated specialists do they have for the purpose and what are the hiring and training practices they follow? Are they operating in compliance with regional regulations? Is data residency maintained as promised? Are the services offered to you constantly assessed and improved, or are you stuck with an outdated package of tools which aren’t up to the task? These are all important aspects to consider before signing on the dotted line.

Cyber resilience is key
Cyberattacks are not going to stop any time soon, and there’s no magic bullet to keep them in check. What’s needed is a comprehensive approach to boost business resilience. The shift from cybersecurity to cyber resilience is vital to securing your roadmap in today’s landscape and ensuring business continuity, and it starts with empowering people and building strategic partnerships.

Nicolai Solling is the chief technology officer at Help AG

Read: Help AG, Cribl partner to strengthen data security in UAE and Saudi Arabia

You might also like

© 2021 MOTIVATE MEDIA GROUP. ALL RIGHTS RESERVED.

Scroll To Top