FEATURE
The c-suite must embrace this digital resiliency as part of their governance responsibility .
and – worst case – bring on a global economic decline .
Of course , you can ’ t not invest in security . Every organisation needs detection and protection . But companies can actually save money long-term and ensure better cybersecurity by adding a third element to their cyberdefence strategies : resilience , a complete understanding of their digital network .
Think about it this way . A digital network is like an office building . If the building catches fire , you need to quickly respond and stop the blaze before it causes large-scale damage . That ’ s why buildings are equipped with automatic sprinkler systems , fire doors and multiple extinguishers on every floor .
In this case , resilience means being physically prepared to rapidly respond . And response is even more efficient when the fire department has the blueprint of the building and can strategically find the most efficient route to extinguish the blaze , prevent it from spreading and exit the endangered people .
Thanks to the systems we ’ ve put in place , we no longer expect modern buildings to burn to the ground and fortunately they rarely do . Despite the recent tragedy in London , fire safety has vastly improved . Building fires in the US fell 54 % from 1980 to 2013 , according to the National Fire Protection Association .
That ’ s called resilience . If someone throws a match in the men ’ s room trash can , the building doesn ’ t have to burn to the ground . A quick , focused and automated response , such as activation of the sprinkler system , should extinguish the flames .
Organisations can apply this same thinking . They can build digital networks that will detect incidents as they ’ re occurring and respond to the problems instantaneously , instead of 197 days later , which is the average time of detection for advanced threats .
In this case , resilience means being prepared for the inevitable cyber compromise , with an up-to-date and comprehensive network map that can inform the security team ’ s prioritisation of vulnerabilities and contain incidents .
Rather than pour millions of dollars into the latest and greatest antivirus or firewall tools , organisations should invest in the ability to respond to incidents , ‘ pour water on them ’ and prevent them from spreading . That ’ s how corporations can better their security posture and protect themselves .
The c-suite must embrace this digital resiliency as part of their governance responsibility .
They must understand that if they encounter a cyberincident , it does not have to expand into a full-blown breach . A security approach built around digital resiliency can in fact prevent breaches and all the downstream problems that come with them , including a loss of customer trust , a plummeting stock price , and the millions of dollars in remediation fees and regulatory fines .
In today ’ s hyperconnected business world , attacks and breaches are inevitable . But they don ’ t have to stop or even impair your business activities . In fact , the ability to respond to threats or attacks and quickly contain them is now a significant competitive advantage that will ultimately separate winners from losers in the digital economy .
A company that is digitally resilient is a company that consumers want to do business with , employees want to work for and investors want to champion . u www . intelligentciso . com | Issue 02
39