Pandemic-era ransomware attacks have highlighted the need for robust cybersecurity safeguards. Now, leading organizations are going further, embracing a cyberresilience paradigm designed to bring agility to incident response while ensuring sustainable business operations, whatever the event or impact.

Cyberresilience, as defined by the Ponemon Institute, is an enterprise’s capacity for maintaining its core business in the face of cyberattacks. NIST defines cyberresilience as “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.”

The practice brings together formerly separate disciplines of information security, business continuity, and disaster response (BC/DR) deployed to meet common goals. Although traditional cybersecurity practices were designed to keep cybercriminals out and BC/DR focused on recoverability, cyberresilience aligns the strategies, tactics, and planning of these traditionally siloed disciplines. The goal: a more holistic approach than what’s possible by addressing each individually.

At the same time, improving cyberresilience challenges organizations to think differently about their approach to cybersecurity. Instead of focusing efforts solely on protection, enterprises must assume that cyberevents will occur. Adopting practices and frameworks designed to sustain IT capabilities as well as system-wide business operations is essential.

“The traditional approach to cybersecurity was about having a good lock on the front door and locks on all the windows, with the idea that if my security controls were strong enough, it would keep hackers out,” says Simon Leech, HPE’s deputy director, Global Security Center of Excellence. Pandemic-era changes, including the shift to remote work and accelerated use of cloud, coupled with new and evolving threat vectors, mean that traditional approaches are no longer sufficient.

“Cyberresilience is about being able to anticipate an unforeseen event, withstand that event, recover, and adapt to what we’ve learned,” Leech says. “What cyberresilience really focuses us on is protecting critical services so we can deal with business risks in the most effective way. It’s about making sure there are regular test exercises that ensure that the data backup is going to be useful if worse comes to worst.”

A Cyberresilience Road Map

With a risk-based approach to cyberresilience, organizations evolve practices and design security to be business-aware. The first step is to perform a holistic risk assessment across the IT estate to understand where risk exists and to identify and prioritize the most critical systems based on business intelligence. “The only way to ensure 100% security is to give business users the confidence they can perform business securely and allow them to take risks, but do so in a secure manner,” Leech explains.

Adopting a cybersecurity architecture that embraces modern constructs such as zero trust and that incorporates agile concepts such as continuous improvement is another requisite. It is also necessary to formulate and institute time-tested incident response plans that detail the roles and responsibilities of all stakeholders, so they are adequately prepared to respond to a cyberincident.

Leech outlines several other recommended actions:

Be a partner to the business. IT needs to fully understand business requirements and work in conjunction with key business stakeholders, not serve primarily as a cybersecurity enforcer. “Enable the business to take risk; don’t prevent them from being efficient,” he advises.Remember that preparation is everything. Cyberresilience teams need to evaluate existing architecture documentation and assess the environment, either by scanning the environment for vulnerabilities, performing penetration tests, or running tabletop exercises. This checks that systems have the appropriate levels of protections to remain operational in the event of a cyberincident. As part of this exercise, organizations need to prepare adequate response plans and enforce the requisite best practices to bring the business back online.Shore up a data protection strategy. Different applications have different recovery-time-objective (RTO) and recovery-point-objective (RPO) requirements, both of which will impact backup and cyberresilience strategies. “It’s not a one-size-fits-all approach,” Leech says. “Organizations can’t just think about backup but [also about] how to do recovery as well. It’s about making sure you have the right strategy for the right application.”

The HPE GreenLake Advantage

The HPE GreenLake edge-to-cloud platform is designed with zero-trust principles and scalable security as a cornerstone of its architecture. The platform leverages common security building blocks, from silicon to the cloud, to continuously protect infrastructure, workloads, and data while adapting to increasingly complex threats.

HPE GreenLake for Data Protection delivers a family of services that reduces cybersecurity risks across distributed multicloud environments, helping prevent ransomware attacks, ensure recovery from disruption, and protect data and virtual machine (VM) workloads across on-premises and hybrid cloud environments. As part of the HPE GreenLake for Data Protection portfolio, HPE offers access to next-generation as-a-service data protection cloud services, including a disaster recovery service based on Zerto and HPE Backup and Recovery Service. This offering enables customers to easily manage hybrid cloud backup through a SaaS console along with providing policy-based orchestration and automation functionality.

To help organizations transition from traditional cybersecurity to more robust and holistic cyberresilience practices, HPE’s cybersecurity consulting team offers a variety of advisory and professional services. Among them are access to workshops, road maps, and architectural design advisory services, all focused on promoting organizational resilience and delivering on zero-trust security practices.

HPE GreenLake for Data Protection also aids in the cyberresilience journey because it removes up-front costs and overprovisioning risks. “Because you’re paying for use, HPE GreenLake for Data Protection will scale with the business and you don’t have to worry [about whether] you have enough backup capacity to deal with an application that is growing at a rate that wasn’t forecasted,” Leech says.

For more information, click here.

Cloud Security

Does your organization need to improve security and upgrade its IT infrastructure? If so, you’re not alone. Those are the top two reasons for the rise in EMEA IT budgets, according to the Foundry 2022 State of the CIO study.

These priorities are in response to an ever-evolving business and security landscape. IT departments are under increased pressure to provide resiliency amid new and advanced cyberattack risks, ongoing supply-chain disruptions, digital transformation efforts, and the complex hybrid workplace.

It’s a tight balancing act to ensure both security and resiliency, especially if like most organizations, you have a lean IT staff or there are skills gaps within your teams. But that’s where managed services can help.

How to balance security with resiliency

Most organizations recognize the need to increase cybersecurity protections; this is the top priority among 63% of EMEA respondents to the State of the CIO survey.

It’s a significant challenge. Although digital transformation efforts were already underway prior to COVID-19, primarily driven by the need for speed and efficiency, the pandemic escalated those initiatives. In some cases, it created even greater complexity as enterprises bolted on solutions and tools for the remote workforce.

These implementations have also led to security gaps and vulnerabilities. As a result, many organizations are grappling to manage and protect a complex web of IT architecture that spans on-premises, hybrid and multi-clouds, and edge environments.

How can enterprises balance the needs for robust security and resiliency for ongoing business operations? It starts with those cybersecurity protections and gaining the ability to anticipate, protect against, withstand, and recover from any cyberattack to minimize disruption.

A cyber risk framework can help provide these capabilities. It should include:

End-to-end security assurance that provides reliable quantification of cyber risk throughout the enterprise. It also maintains and manages compliance via the consistent application of policies and controls, as well as threat management across the network, endpoints, and applications.

Integration of Zero Trust principles and technologies — from edge to cloud.  This includes data and application protections, cloud and network security, and digital identity services to ensure secure digital transactions and interactions.

Comprehensive security operation center (SOC) services that discover, prevent, and respond to advanced security incidents. Considering the significant need for security skillsets, the right technologies — including workflow automation and orchestration — and managed services must augment and enhance SOC operations management.

Incident response and recovery to minimize the impact of outages. Downtime is not an option, so the framework should address training, simulation exercises, automation of policies, and threat investigation capabilities.

This framework also delivers business value, including cost reductions, improved user experiences that lead to greater productivity, and continuous compliance.

For example, a multinational bank with headquarters in the United Kingdom implemented automated cyber recovery technology to improve its operational resilience. The solution has not only enabled recovery from cyberattacks in hours rather than days, it also has provided continuous security through 24/7 forensics.

Align with the right partner

Establishing a cyber risk framework that fits your organization and business can, by itself, be a daunting task – without even trying to implement it. That’s where a managed services provider such as Kyndryl can help.

The right provider must have deep expertise, a well-established solution portfolio, and a broad partner ecosystem to maximize your investment and business outcomes. Kyndryl will work closely to understand your enterprise’s cyber resiliency maturity level, then tailor a framework to best augment your existing resources — and ultimately help balance robust security and resiliency.

Learn more about Kyndryl’s approach to balancing security and resiliency here.

Cloud Security