There has been an evolution over the years in the mindset or philosophy of cybersecurity. From the early castle-and-moat approach with perimeter security, to the notion of prevention, and the concept of detection and response. Organizations today, for the most part, recognize and accept that impenetrable security does not exist and you can’t stop every attack. Prevention and detection are still objectives, but perhaps the most crucial element of cybersecurity is resilience.
Put simply—can your business continue to function, rebound effectively, and survive cyberattacks with minimal disruption or impact? A new report from Splunk, “Digital Resilience Pays Off,” shares research and insights on what it takes to be resilient and how digital resilience benefits organizations.
Prevention, Detection, and Resilience
Cyberattacks are becoming increasingly common, sophisticated, and damaging. With the proliferation of technology and the increasing digitization of business operations, cybercriminals have more entry points and opportunities to infiltrate and exploit vulnerabilities. Despite the best efforts of organizations to prevent and detect cyberattacks, it is not possible to eliminate the risk entirely.
One of the reasons why it is not possible to prevent or detect every cyberattack is that cybercriminals are constantly evolving their tactics and techniques. They are constantly finding new vulnerabilities to exploit, and they are becoming more skilled at evading detection. Cybercriminals are also using more sophisticated tools, such as artificial intelligence and machine learning, to carry out their attacks.
The key to surviving cyberattacks with minimal impact or disruption lies in digital resilience. Digital resilience is the ability of an organization to maintain productivity and recover from cyberattacks. It is the ability to detect and respond to cyber threats, mitigate the damage, and continue business operations as usual. Digital resilience is not just about preventing cyberattacks; it is about being prepared for them and having a plan in place to recover quickly.
Malcolm Harkins, Chief Security and Trust Officer for Epiphany Systems, emphasized the importance of preparation for improved resilience. “Resilience requires having resistance to cyberattacks. Without understanding your cyber exposure to material risk and taking measures to reduce attacker opportunities to prevent as much risk as possible—your detection measures will generate voluminous alerts causing the proverbial alert fatigue, and your response controls will be overwhelmed. In this case, your resilience plan will be fragile and inevitably lead to defeat. “
Doing Resilience Right
Even with the best security measures in place, there is always a risk of cyberattacks. This is why digital resilience is crucial. Digital resilience is not just about technology; it is also about people and processes. It requires a holistic approach that considers all aspects of an organization’s operations, including technology, people, processes, and culture.
“The biggest mistake companies make when approaching IT resilience, and spending much money on resilience initiatives, is that they have never defined and formally documented what exactly resilience means to them,” explained Ben Rothke, Senior Information Security Manager at Tapad.
“Yes, resilience is all the rage with Gartner. But a Gartner report alone won’t help a company. They can expect it to work only after they have fully documented and defined the resilience lackings in their critical IT processes, service levels, security and privacy needs, applications, and much more.”
Rothke summed up, “If that is not done, and sadly, too often that is the case, they won’t have much to show for it at the project conclusion besides expensive consultant invoices.”
Digital Resilience Pays Off
Splunk was founded 20 years ago to harness data for organizations. The mission and focus has shifted over the last 20 years as the ecosystem of technology has evolved and the threat landscape has expanded. Data is the lifeblood of an organization—which means it is also a primary target for cyberattacks, and explains Splunk’s focus on resilient digital systems.
Splunk conducted a survey of 2,100 SecOps, ITOps, and DevOps leaders around the world to learn more about how prepared organizations are to withstand and survive cyberattacks or other disruptions. A blog post from Patrick Coughlin, VP of Strategy & Specialization at Splunk, shared some of the key findings from the report:
- Organizations report an average of 10 days of unplanned downtime per year that negatively impacts revenue, customer experience or productivity
- Organizations with advanced digital resilience capabilities save an average of $48 million per year on downtime costs compared to beginning organizations
- Only half of all organizations are fully prepared to change how they operate and engage with customers during times of major disruption, either to address the demands of a recession (52%) or in response to competitors (50%).
Coughlin notes, “The recent uptick in infrastructure outages and security breaches has shown us limiting resilience efforts to one off projects or disaster recovery and business continuity planning isn’t nearly enough. Successful organizations are building a digital resilience strategy across these three functions, so they can get ahead of and overcome disruptions.”
Resilience is a competitive advantage. By all means, strive to block or prevent cyberattacks, and ensure you have the processes and technology in place to detect and respond when cyberattacks occur. Based on the findings and insights in the Splunk report, though, digital resilience is also essential. You can download “Digital Resilience Pays Off” and review the full report for yourself.