Wargaming for Cyber Resilience - Cyber Site

Wargaming for cyber resilience

Cyber Site

Wargaming for cyber resilience

Over the course of the past few years there has been a constant stream of headlines relating to cyber disruptions, including cybercrime. In recent months, the Wannacry, Petya and NotPetya strains of ransomware indiscriminately targeted and crippled global multibillion dollar businesses, governments and small businesses alike.

There is nothing new about these types of cyberattack, with the first worm (ie network-born virus) having been developed by an academic in the 1980s, using social engineering techniques to infect computers. What has changed, however, is that the global nature of the consequences and impacts today are infinitely more severe than we have seen before, because of the interdependency and complexity of transnational networks.

 

Big business

Cybercrime has become very big business indeed.

Most of today’s attacks are targeted to get something valuable – sensitive personal information, monetary funds, intellectual property, authentication credentials and insider information to name just a few – rather than the random ‘hacker’ behaviour of old. Although defensive technology such as firewalls, antivirus software and web gateways has been deployed for years to keep up with the ‘bad guys’, the cyber risk is a fluid and constantly changing environment.

No sooner is one breach identified and closed down, another emerges as criminals are busy developing ways to avoid detection. As such, relying on technological tools and protective measures can certainly assist, but they are unlikely to be sufficient as a standalone, and rarely offer true resilience. It requires a much more holistic approach to enhancing cyber resilience which takes into account a number of factors, including the company, processes, people and culture. This is because cyber has empowered individuals, downward and throughout organisations, meaning that everyone is responsible for cyber security and everyone has to learn about this particular environment.

Cyber resilience requires a corporate approach that starts with senior management who must first understand the nature of the risk specific to their business and then set out a strategy to mitigate losses arising from cyber incidents. This strategy must be communicated to employees so that they know what is expected of them in terms of establishing a cybersecurity and resilience culture.

Putting the technology in place, together with creating policies and procedures, is all very well, but without embedding the desired cultural change, the overall effectiveness of cyber resilience is greatly diminished.

Planning ahead

Some companies believe that if they spend money on technology and test their operational effectiveness they are protected from the impact of a cyber incident. Wrong and simply not enough.

First and foremost, senior executives need to be able to respond quickly to cyber incidents as, ultimately, they will be held accountable as to how well their organisation recovers from it. These leaders will need to be prepared for any event likely to cause disruption to their business and offer a portfolio of options to address them. It is therefore advisable to work through the decision-making process and assess their effectiveness ahead of an actual incident.

Having plans and lists of what assets to protect is essential, but if those plans are not exercised and people are not trained, how can the effectiveness of the defences be assessed? Does a senior executive really want the incident response or recovery plan tested for the first time in the midst of a real incident?

Read more news

Go back