J2SECOPS WEEKLY NEWS: This week in the J2 CSC, Why Information Security x Cybersecurity + Cyber Resilience = Business Continuity.
Current cybersecurity response frameworks are largely inadequate in terms of rising up to meet the demands of emerging threats and cyber programs. They often find themselves developed independently of business continuity and their requirements and operated in silos which in itself is a massive risk. With the rise of increasingly sophisticated cyberattacks, that are by their very nature insidious, are capable of crippling your business and permanently destroying IT systems at a whim.
Cybersecurity threats and breaches are business problems and with any digital transformation and hyper-connectivity strategy, which by design create unintended platforms for the aforementioned risk, vulnerabilities, attacks, and failures. An integrated cyber resilience strategy can help business withstand disruptive cybersecurity incidents and unintended consequences. It can enhance the defence against the dark arts, protect applications and critical data, and recover from breach or failure in a controlled, measurable way. By working with Continuity Professionals that have the expertise that can be leveraged to reduce both the time and money associated with a cybersecurity breaches we will see how Information Security becomes a Noun when Cybersecurity is a multiplier for Cyber Resilience and ultimately achieves Business Continuity through Resiliency as a Service.
And with this in mind, enjoy this roundup of stories for the week…
Cyber Resilience: What It Is and Why You Need It
In short, cyber resilience is about taking a step back and re-evaluating technology in the context of the work that makes it function. How do you build and maintain a digital environment that can not only provide the necessary functionality, but do so reliably and with minimal risk? This is the question cyber resilience seeks to answer, because it’s the one people care about. No matter how many silver bullet security solutions are stacked around the perimeter, a data centre will not be resilient unless the processes that determine it are documented, visible, and validated. With the popularity of cloud technologies, the perimeter can hardly be said to even exist, so cyber risk solutions must look elsewhere to bolster resilience— namely in the work itself.
Cyber Resilience: What It Is and Why You Need It | UpGuard
What should a cyber-resilient business look like?
Cyber resiliency and the value it brings to a company and its customers will depend on how well the business incorporates its security program as a strategic partner. This partnership can begin by focusing on fundamental cyber hygiene processes and techniques, and then, over time, incorporate and build redundancy into core business operations.
Using these basics techniques as a foundation, the company can implement more advanced resilient security controls over time and, in the process, be able to provide their customers the services they require even in times of adversity
What should a cyber-resilient business look like? | Gary Hayslip
Forbes Insights Infographic: Avoid Disruption in a Hybrid Cloud World
Learn more about the impact of hybrid to resiliency and avoid disruptions in a hybrid cloud world with Resiliency as a Service. To capitalize on digital innovation, enterprises are increasingly turning to hybrid IT - a blend of traditional and cloud services - for greater agility and flexibility. According to the IDC, FutureScape: Worldwide Cloud 2016 Predictions, more than 80% of IT organizations will commit to hybrid architecture.
Avoid Disruption in a Hybrid Cloud World | Forbes Insights in Association with IBM
And now for something completely different:
Cybersecurity - Why You're Doing It All Wrong
Most organisations deal with theoretical risk (a one-time assessment) and notional controls that “mitigate” the risks found. And then the parameters that make up each risk change, as they have a habit of doing, and nobody notices or reacts because they have no idea how to measure said parameters and act accordingly. The reason so many organisations suffer breaches is simply down to a failure in doing the very basics of security. It doesn’t matter how much security technology you buy, you will fail. It is time to get back to basics.
Cyber security – why you’re doing it all wrong | Ed Tucker
Impersonators, they’ll be back
Owing to the way impersonation attacks are orchestrated, it is by definition far more targeted and well researched. There are several methods of getting at the information the attackers are after. This will include online information via the corporate website with the added intelligence gained by looking at social media platforms such as LinkedIn and Facebook. Some cyber criminals even go as far as finding out ways in which emails are written or meeting an individual from the company to use social engineering tactics. Using this intelligence, the attacker can pull together key personal information that will allow them to compile highly accurate emails.
Impersonators, they’ll be back | Olivia Hannah Coetzee
- Hits: 208