From Static Defenses To Dynamic Systems

Uploaded on 2025-03-17 in TECHNOLOGY--Resilience, FREE TO VIEW

Cybersecurity today isn’t just about prevention – it’s about ensuring continuity and recovery in the face of inevitable breaches or outages. Take a moment to look at your organization: If your systems went down, how long would it take for you to be fully operating again?

Building a truly resilient defense requires multi-layered strategies that protect against evolving threats and ensure systems can endure.

This past summer, CrowdStrike learned the hard way that its systems were not resilient enough. One small mistake in an update pushed out to users caused systems to crash across the globe, halting operations for airports, banks and more. 

This incident highlights how a single error can cascade through interconnected systems and underscores the need for cybersecurity leaders to map and manage dependencies proactively today. While CrowdStrike resolved the issue quickly, the ripple effect left many customers struggling to restore operations for weeks. Conducting regular recovery timeline tests – both for internal systems and those dependent on them – could have significantly reduced downtime and disruption for their customers.

Resilience goes beyond defense though, too; it’s about planning for worst-case scenarios and ensuring systems bounce back stronger. In 2025, hyper-vigilant proactivity and resilience will be essential for effective cybersecurity strategies across the world.

Human Error Remains The Achilles’ Heel

Attackers are increasingly exploiting the gaps between technical defenses and human behavior, making human error one of the greatest vulnerabilities in cybersecurity. Advanced training must continue to evolve alongside attackers' tactics to combat this – moving beyond simple simulation exercises. Incorporating adaptive training environments that use AI to generate evolving attack scenarios for instance ensures employees regularly face novel threats.

The more exposure they have to these dynamic challenges, the better equipped they will be to better protect their organization.

Meaningful metrics matter too. Tracking phishing training participation rates isn’t enough anymore. Instead, measuring post-training improvement rates, like how often employees correctly identify and report phishing attempts, is much more impactful. Additionally, analyzing response times – how quickly employees report incidents and how fast teams mitigate them – provides valuable insights into real-world preparedness and confirms that employees can successfully avert more advanced threats like APTs. 

Proactive System Analysis 

The interdependencies in today’s digital systems mean failures in one area can cascade across an entire organization. As the CrowdStrike incident demonstrated, organizations fall short when critical dependencies go unnoticed until a failure occurs. To prevent this, cybersecurity teams must move beyond siloed testing and adopt proactive system analysis.

Siloed testing overlooks how systems as a whole interact under real-world pressure. To build greater resilience, organizations need to map their interdependencies dynamically by asking themselves questions like “Which of our systems rely on others and how will any failures propagate as a result of an attack on one?” Continuous “war game” simulations can help stress-test resilience, exposing weak links before they become points of failure and allowing organizations to build fail-safes directly into system design. 

Rethinking Ransomware-Resistant Backups As A Strategic Asset

Backups are often treated as an afterthought when they should be seen as a cornerstone of any ransomware strategy, as they’re critical for restoring operations quickly in the event of an attack. Offline and air-gapped backups are essential to ensure isolation from compromised systems and unauthorized access. Automating integrity checks also ensures backups remain uncorrupted and accessible under pressure.

Simulating recovery through drills prepares teams for worst-case scenarios. Every minute counts, and end-to-end scenarios can highlight interdependencies or bottlenecks that slow recovery.

Organizations shouldn’t assume that backups are a silver bullet, however. The only way backups remain effective is through proper recovery workflow testing and the right processes and team support in place to restore operations quickly.

Ethical Considerations In AI & Decentralized Systems

The risks of unchecked AI are immense and as the technology becomes a core cybersecurity tool, organizations must grapple with ethical and operational questions about its use to uphold resilience in 2025 and beyond.

To minimize risk, organizations should first establish clear governance frameworks to ensure transparency in decision-making. This reduces the risk of the AI performing unintended actions and helps limit the impact of adversarial attacks. Next, they should implement oversight mechanisms for high-stakes actions and identify those responsible for intervening when the AI makes an error. Finally, they need to stay ahead of compliance challenges by aligning AI practices with emerging regulations and legal frameworks. 

When integrating AI into cybersecurity systems, it will be essential to ensure that AI-driven decisions are explainable rather than relying on black-box models.

Organizations should also assess the human impact of AI errors. Mistakes in automated decision-making can have far-reaching consequences, so balancing automation with human oversight is key to ethical AI deployment.

Resilience As The Ccornerstone Of Cybersecurity In 2025

Resilience isn’t just about enduring threats – it’s about maintaining the ability to operate and recover under any circumstances. Building dynamic systems requires multi-layered strategies, including adaptive training, AI-driven defenses, proactive system analysis, and robust backup solutions. Continuous testing and refinement ensures systems can keep pace with evolving threats.

By adopting these practices, cybersecurity leaders can shift from static defense to truly resilient systems, capable of mitigating risks and ensuring long-term operational strength in 2025 and beyond.

Engin Kirda is a program co-chair of ACM’s CCS and Professor at Northeastern University

Image: Andrii Yalanskyi

You Might Also Read:

Are Any Of Your Suppliers A Security Risk Waiting To Happen?:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Medusa Ransomware Attacks Focus On Critical Infrastructure
Guidance Is Coming, But Hackers Aren’t Waiting »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

RSA Conference

RSA Conference

RSA Conference conducts information security events around the globe that connect you to industry leaders and highly relevant information.

BeOne Development

BeOne Development

BeOne Development provide innovative training and learning solutions for information security and compliance.

Trulioo

Trulioo

Trulioo is a leading global identity and business verification company providing secure access to data sources worldwide to instantly verify consumers and businesses online.

ESNC

ESNC

ESNC’s vulnerability management and real-time SAP security monitoring solutions help largest corporations in the world to effectively prioritize SAP security tasks and secure their business.

Clym

Clym

Clym is the data privacy platform that helps organisations meet their data protection obligations. Cookies, Consent, Requests, Policies and more are all managed in a secure and adaptive application.

CyberSwarm

CyberSwarm

CyberSwarm is developing a neuromorphic System-on-a-Chip dedicated to cybersecurity which helps organizations secure communication between connected devices and protect critical business assets.

CYRISMA

CYRISMA

CYRISMA is a revolutionary cybersecurity platform that helps organizations manage risk without the usual headaches associated with enterprise cybersecurity tools.

Avertro

Avertro

Avertro helps leaders manage the business of cyber. We help explain cybersecurity to executives, forecasting outcomes, right-sizing your spend, and validating your cyber strategy.

Atakama

Atakama

With Atakama, data remains encrypted until the very moment it is used, and the ability to decrypt is based on zero trust architecture.

South East Cyber Resilience Centre (SECRC)

South East Cyber Resilience Centre (SECRC)

The South East Cyber Resilience Centre supports and helps protect SMEs and supply chain businesses and third sector organisations in the region against cyber crime.

Cyber Suraksa

Cyber Suraksa

We make security simple and hassle-free by offering a sustained and secure IT environment with next-gen cybersecurity solutions through a scalable security-as-a-service model.

PixelQA

PixelQA

Are you looking for a security testing company to cross-check whether your software or mobile app has a possible security threat or not?

RightCue Assurance

RightCue Assurance

RightCue Assurance identify opportunities for improvement in the Information Security for your organisation and work with you to reduce cyber risk.

DefectDojo

DefectDojo

DefectDojo is a DevSecOps and vulnerability management tool.

Sprinto

Sprinto

Ambitious tech companies all over the world trust Sprinto to power their security compliance programs and sprint through audits without breaking their stride.

Intech Security

Intech Security

Intech Security provides expert cybersecurity services, including Cyber Essentials, to protect UK businesses from digital threats and ensure compliance.