Page 17 - Cyber Defense eMagazine Annual RSA Edition for 2024
P. 17

attack,  resilience  demands  the  full  recovery  of  critical  business  functions  in  hours  or  days.  Cyber
            resilience is the modern security imperative.



            Why Traditional Security Approaches Are Failing

            For  decades  cybersecurity  focused  on  building  the  impenetrable  fortress  of  cybersecurity,  with  the
            expectation being that somehow there is a perfect formula that will prevent every possible incursion.
            Reality tells us otherwise - there are few if any impenetrable cybersecurity programs, and the unrealistic
            goals  simply  cause  failure,  friction  and  burnout.  A  great  many  programs  were  also  built  with  the
            assumption that the solution was to buy another security product, leading to complicated environments
            with so many overlapping and conflicting tools that security teams can’t keep track of them all. While
            security technologies still play a vital role, they are only pieces of a constantly changing puzzle. The
            evolution  of  threats  and  the  daily  emergence  of  new  malware  and  techniques  mean  preventative
            measures are simply not enough.

               •  The Cost of Breaches is Skyrocketing: the average global cost of a breach increases annually,
                   and it reached $4.3 million in 2023 (IBM Security Cost of a Data Breach Report 2023)
               •  Cyberattacks Are More Disruptive: interconnectivity of data, applications and systems means
                   attacks are more disruptive - as recently witnessed in healthcare and critical infrastructure
               •  Threat  Actor  Evolution:  ransomware-as-a-service,  social  engineering  using  artificial
                   intelligence, and supply chain vulnerabilities are more prevalent than the average security team
                   can keep up with

            Cyber resilience recognizes these issues and focuses on what should be more realistic goals and better
            business  outcomes  from  a  cybersecurity  program.  By  focusing  on  identifying  risk,  withstanding  and
            responding to incidents, and continuous improvement, cybersecurity teams are far better aligned with
            business  goals  and  focus  better  on  security  programs  that  can  address  today’s  realities.


            Why Resilience Is Critical

            Business critical applications, connected networks, and a growing number of endpoints make resilience
            a critical strategy. Organizations in highly targeted industries such as critical infrastructure, healthcare,
            and  financial  services  must  conduct  incident  response  planning,  proactive  threat  hunting,  and
            vulnerability management analysis if they are to meet growing challenges and recover from inevitable
            attacks.



            Resilience is Imperative in Critical Infrastructure

            Speaking at a security conference In February, FBI Director Christopher Wray said Chinese nation-state
            actor  attacks  were  “ongoing,  and  at  an  unprecedented  scale.”  Deepwatch  has  customers  in  critical
            infrastructure  including  pipelines,  so  we  understand  their  resilience  imperative.  The  presence  and
            persistence of nation-state actors in critical infrastructure leaves no choice but to build cyber resilience –






                                                                                                              17
   12   13   14   15   16   17   18   19   20   21   22