Reimagining Your Cyber Infrastructure

While the tech industry is distracted with endless conversations on the impact of generative AI, 2023 has seen several companies fall victim to crippling cyberattacks. These attacks often fall under one of two formats - either bad actors break in, compromise data, and hold it to ransom, or they enter systems and delete or encrypt data, which requires a cyber-tolerant backup solution.

Armed with the capabilities of AI tools and able to target companies through their increasing use of SaaS, cloud, and web collaboration tools, bad actors are launching increasingly smart and complex attacks, becoming a threat for organisations in all industries. 

Recently, the recent high-profile University of Manchester hack, which affected more than a million NHS patients’ details demonstrates the vulnerability of large corporations in the UK, with stolen data including NHS numbers and postcodes. Facing a host of other corporate pressures – like rising inflation, worker shortages, and regulatory standards – businesses need a simpler way to successfully navigate ongoing threats.

An Abundance Of Solutions

In response to more sophisticated and frequent cyberattacks, security teams are implementing a growing number of fixes and cyber tools. However, due to making quick, reactive decisions based on live vulnerabilities, and with many tools sold as part of packages that offer a number of capabilities, security professionals are often left with a somewhat bloated cybersecurity stack. In fact, IBM have found that the average organisation uses 45 different cybersecurity tools, so it’s not surprising that solutions frequently undermine each other and become difficult to manage. 

A disaggregated approach means that data on cyber threats takes longer to process, putting the organisation at greater risk of attack. Security teams that operate more than 50 tools have been found to be 8% less effective at detecting attacks, directly contradicting their purpose. As what’s perceived as the latest and most exciting tools are added to the tech stack, there’s a danger of siloes forming - either by function or by location. Organisational siloes reduce the visibility of overall operations, making it much more challenging to assess the business’ efficiency and state of its cyber protection. 

Organisations should be focused on reducing the chances of a breach by reducing their organisation’s attack surface.

They can only achieve this by ensuring all endpoints have an effective EDR solution and knowing the “vulnerability or exposure” status of these Endpoints. This is where most organisations falter, as they do not have effective asset management. For enterprises that have three or more service providers, ensuring all endpoints are known and protected becomes even more challenging.  

Breaking Siloes With Resilience

While every solution has its stronger and weaker points, as attacks have evolved the conversation has shifted from “how can we prevent attacks” to “how can we survive an attack”. While prevention methods are still vital in a well-rounded cybersecurity stack, businesses also need to focus on Disaster Recovery (DR), modern DR covers Fire, Flood and Cyber event scenarios as a way of building cyber resilience, with tools like incident triage, incident response, threat intelligence, and compliance management.

But resilience, at its most basic level, requires that the business has an understanding of the “minimum viable organisation” – what the critical processes are, how much the business is willing to lose, and what its non-negotiables are. To establish this, organisations should start with integrating their multiple tools and technologies, rather than fixing issues on a case-by-case basis. 

The easiest way to integrate new technologies within the tech stack, without creating siloes, is to simplify it.

Security teams should take the opportunity to remove what is no longer necessary, cutting away anything that does not directly link to the organisation’s key capabilities. By using actionable insights and security intelligence, driven by industry standards and best practice methods, businesses can consolidate siloes and start with a simplified base that makes managing cybersecurity easier, ultimately building a more resilient business future.

Rebuilding & Recovering

In the interest of helping to build a culture of resiliency, Kyndryl recently announced the Cybersecurity Incident Response and Forensics (CSIRF) service, designed to help customers respond to threats with advanced intelligence and domain expertise. The CSIRF services offers integrated and seamless incident response, support, and forensics that resolve threats like ransomware, as well as understanding their root cause. This reduces the incident window, recovery time, and maintains trust with customers and regulatory authorities.

This forms the respond phase of the NIST framework, providing infrastructure to recover servers and data post-breach. Most organisations recover their data from a ‘vault’, away from bad actors and unable to be exchanged or expired, and must ensure that this data can be retrieved quickly into a clean production environment when it’s needed. Kyndryl’s 30 years of business continuity expertise has enabled the creation of Cyber Tolerant Backup Solutions, with sufficient frequency to develop Technical Recovery Plans (TRPs) to retrieve data backup under orchestration recovery. 

In addition, Kyndryl’s partnership with AWS helps to break down technology siloes with a state-of-the-art data lake designed to give customers visibility of their entire security posture in a single pane of glass. The Kyndryl Security Operations Platform with AWS unifies disparate systems and data into a cohesive and agile operation that detects and responds to incidents faster with advanced security intelligence.

As businesses continue to navigate evolving cybersecurity threats and complex organisational siloes, it’s crucial that security teams embrace security resilience as much as they embrace detection and prevention. In an era of “not if, but when” when it comes to cyberattacks, simplifying and synchronising infrastructure will be imperative in keeping the business and its customers secure. 

Duncan Bradley is Security & Resiliency Practice Leader at Kyndryl

You Might Also Read:

Navigating The Evolving Threat Landscape:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Undetected Attackers Could Be Inside Your IT Systems Now
He's Back Again... »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Blue Solutions

Blue Solutions

Blue Solutions is a consultancy-led, accredited software distributor who provides IT solutions and support to small and medium enterprises.

WatchGuard

WatchGuard

WatchGuard is a leader in network security, secure Wi-Fi, and network intelligence products and services for SMBs and Enterprises worldwide.

Operational Center for Information Systems Security (COSSI)

Operational Center for Information Systems Security (COSSI)

COSSI is responsible for the detection and mitigation of cyber attacks directed at French Government information systems.

Engineering Ingegneria Informatica

Engineering Ingegneria Informatica

Ingegneria Informatica is a leading Italian provider of Information Technology consulting, services and solutions including cyber security.

Ikerlan

Ikerlan

Ikerlan is an R&D technology centre specialising in areas including embedded systems, industrial automation and industrial cybersecurity.

PETRAS IoT Hub

PETRAS IoT Hub

PETRAS is a consortium of 12 research institutions and the world’s largest socio-technical research centre focused on the future implementation of the IoT.

Onspring

Onspring

Onspring is the cloud-based platform of choice for governance, risk and compliance (GRC) teams and business operations experts across multiple industries.

Secon Cyber Security

Secon Cyber Security

Secon Cyber Security is an Advanced Managed Security Services Provider with long standing experience of providing cyber security solutions to customers ranging from small to large enterprises.

Beazley

Beazley

Beazley are a specialist insurer with three decades of experience in providing clients with the highest standards of underwriting and claims service worldwide.

BitNinja

BitNinja

BitNinja provides full-stack server security in one easy-to-use protection suite. Enjoy real-time protection, automatic false positive handling and threat analysis for more in-depth insights.

Cyber Security Operations Consulting (CyberSecOp)

Cyber Security Operations Consulting (CyberSecOp)

CyberSecOp is an ISO 27001 Certified Organization which provides cyber security operations services and risk management consulting.

Truesec

Truesec

TRUESEC has an exceptional mix of IT specialists. We are true experts in cyber security, advanced IT infrastructure and secure development.

Aura

Aura

Aura is a mission driven technology company dedicated to creating a safer internet for everyone. We’re making comprehensive digital security that's simple to understand and easy to use.

Etisalat

Etisalat

Etisalat Group is one of the world’s leading telecom groups in emerging markets.

Performance Technologies

Performance Technologies

As a leading IT Solutions Provider in Greece, Performance Technologies delivers reliable, long life solutions, ensuring continuous availability of business-critical services and information.

Check Point Software Technologies

Check Point Software Technologies

Check Point Software Technologies is a leading provider of cyber security solutions to governments and corporate enterprises globally.

Occentus Network

Occentus Network

Occentus Network is a telecommunications service provider specialized in High Availability Servers & managed Cloud services.

Eqlipse Technologies

Eqlipse Technologies

Eqlipse Technologies provides products and high-end engineering solutions to customers in the Department of Defense and Intelligence Community.

Kolide

Kolide

Kolide ensures that if a device isn't secure, it can't access your apps.