Bouncing back: why cyber-resilience is so important in the digital era

by Simon Howe, APAC Sales Director at LogRhythm

Credit: Illustration 97949347 © Vs1489 -

Stand firm or roll with the punches? In today’s complex and intensifying cyber-threat landscape, Australians enterprises should be ready to do both.

Hope for the best, prepare for the worst – and be ready to bounce back if the worst occurs. Resistance has long been a leitmotif of the cyber-security conversation, in Australia and globally, but as threat levels continue to rise, there’s increasing acceptance of the fact that some attacks and incursions will inevitably succeed.

Meanwhile, relentless digitisation of the supply chain, the proliferation of mobile computing and the inexorable march of the Internet of Things – the number of active IoT devices is expected to exceed 21 billion in 2020 – have made patrolling the perimeter a very different exercise than it was a decade ago.

A cyber-resilient organisation is one which can bounce back quickly, because it has solid security structures in place and a robust response plan ready to enact, should it be unlucky enough to have its ‘number come up’.

Real and rising danger

A growing number of Australian enterprises have become familiar with that unsettling sensation. This year has seen scores of organisations report data breaches and cyber-attacks, including the Department of Parliamentary Services, LandMark White, AMP, Melbourne Hospital, Kathmandu and the Bank of Queensland.

Senior leaders are not blind to the disruption and damage a successful incident can create; in fact, the reverse. According to PwC’s 2018 Global Economic Crime and Fraud Survey: Australian Report, they view cyber-crime as the most disruptive crime of the day and the greatest threat to growth.

Property valuation house LandMark White became an unfortunate example of the economic carnage that can come in the wake of an attack after it revealed almost 140,000 valuation records had been stolen by hackers who cracked one of its platforms in early 2019.

The publicly listed company was forced to enter into an extended trading halt following the incident and subsequently estimated its losses at $7 million, largely as a result of the loss of business from major lending institutions.

Becoming a cyber-resilient organisation means being sufficiently prepared that operational and economic havoc don’t ensue, should your enterprise, despite best efforts, fall victim to an attack.

Steps towards cyber-resilience

So, what does cyber-resilience look like? Not a plan on paper but rather a series of regular practices and behaviours which will collectively, over time, improve your organisation’s capacity to recover rapidly after taking a hit.

Management consultancy Accenture recommends organisations follow five key steps.

  • Construct a strong defence. This means being alert to the dangers of attack from within and outside the enterprise, putting commensurate measures in place to combat them and preparing a detailed response plan, in the event infiltrators detect a chink.
  • Challenge your defences. The only way to tell whether the measures you have in place are adequate is to put them to the test regularly. Contracting this activity out to a third party, regularly or occasionally, can provide an objective perspective on what’s working and what needs to be fixed fast.
  • Keep abreast of new technologies. Hackers and cyber-criminals are nothing if not innovative. For enterprises looking to stay a step or several ahead, using the latest technologies – think Artificial Intelligence and machine learning – to speed the threat detection and response process is imperative.
  • Get smarter with intelligence. Resilient organisations are less likely to be blindsided by an attack because collecting and analysing data on network behaviour isn’t an ad hoc activity; it’s part of their regular modus operandi. Solutions which give a clear view of the entire enterprise should be a component of the protection strategy, for organisations which hope to be able to withstand and overcome attacks from anywhere.
  •  Appoint a Chief Information Security Officer who can sell the case for an enterprise-wide security strategy to the enterprise at large. This is key to ensuring cyber-security is viewed as a business issue, not a technical problem for the ICT team to solve.

The two Rs: resistant and resilient

A resistant organisation demonstrates its determination to give hackers and cyber-criminals a run for their money through the continual enhancement of its cyber-security posture. A resilient organisation detects and responds to threats quickly and is able to restore normal service expediently, should an infiltrator slip the cordon. In 2019 Australia, enterprises which are serious about mitigating cyber-security risk should aspire to be both.

Tags LogRhythm

Show Comments