Page 24 - Cyber Defense eMagazine March 2024
P. 24
Why Cyber Resilience Matters
A cyber resilience mindset recognizes that no cybersecurity solution is perfect — that even the best
cybersecurity tools and strategies cannot protect against every form of cyber threat. For every new
defensive strategy, a new attack vector emerges. CISOs and their teams can (and must) engage in what
amounts to an endless game of whack-a-mole. You can’t win outright, but neither can you afford to lose.
Recognizing these limitations, cyber resilience strategies deliver robust mitigation plans in the face of
these ever-evolving threats. They focus on supporting the continuity of operations, as well as the ability
to “return to normal” following an attack.
As federal agencies pursue their modernization goals, a proactive emphasis on cyber resilience ensures
they can evolve their defenses as new technologies emerge. Resilience recognizes that there will be new
attack vectors as technology evolves, and that incident response and remediation capabilities can and
must be able to adapt.
To create a powerful cyber resilience strategy, CISOs and their teams need to develop a risk-based
strategy, one that is integrated with the organization’s cybersecurity plans and that supports the ability to
identify, protect, detect, respond, and recover. This includes developing detailed incident response,
business continuity, and disaster recovery sub-plans and processes.
Why Cyber Resilience Complements Cybersecurity
Cyber resilience should be used in conjunction with fundamental cybersecurity practices.
A strong cybersecurity program deploys the right mix of policies and tools to protect organizations from
data breaches, exploited vulnerabilities, malware attacks, and insider threats, as well as phishing attacks
that could escalate into ransomware attacks. These will likely include intrusion detection systems, threat
monitoring and log collection platforms, end point detection, SIEMs, firewalls, and data loss prevention.
Cyber resilience complements these strategies. With attack simulations, adaptive detection and
response, crisis response, and threat intelligence, resilience tools and strategies enable organizations to
recover swiftly from a cyberattack. They empower agencies to restore data and systems to their previous
state, minimizing the impact of an attack on business operations.
For those already familiar with cyber resilience, there’s a common misconception that cybersecurity
planning and cyber resilience planning are mutually exclusive. In fact, they are two sides of the same
coin. Cyber plans should look to apply both security measures and cyber resilience for the most effective
overall security posture.
Some may erroneously believe that traditional backup solutions are all that’s needed to ensure mission
resilience. In fact, while these solutions might be adequate for restoring data in the event of hardware
failure or accidental deletion, they’re not designed to ensure full recovery from cyberattacks.
For federal agencies to truly ensure mission success in the face of near constant threats, cyber resilience,
or a comprehensive approach to restoring and maintaining operations following a cyberattack, is critical.
Cyber Defense eMagazine – March 2024 Edition 24
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.