Reimagining Your Cyber Infrastructure

Uploaded on 2023-08-29 in TECHNOLOGY--Resilience, FREE TO VIEW

While the tech industry is distracted with endless conversations on the impact of generative AI, 2023 has seen several companies fall victim to crippling cyberattacks. These attacks often fall under one of two formats - either bad actors break in, compromise data, and hold it to ransom, or they enter systems and delete or encrypt data, which requires a cyber-tolerant backup solution.

Armed with the capabilities of AI tools and able to target companies through their increasing use of SaaS, cloud, and web collaboration tools, bad actors are launching increasingly smart and complex attacks, becoming a threat for organisations in all industries. 

Recently, the recent high-profile University of Manchester hack, which affected more than a million NHS patients’ details demonstrates the vulnerability of large corporations in the UK, with stolen data including NHS numbers and postcodes. Facing a host of other corporate pressures – like rising inflation, worker shortages, and regulatory standards – businesses need a simpler way to successfully navigate ongoing threats.

An Abundance Of Solutions

In response to more sophisticated and frequent cyberattacks, security teams are implementing a growing number of fixes and cyber tools. However, due to making quick, reactive decisions based on live vulnerabilities, and with many tools sold as part of packages that offer a number of capabilities, security professionals are often left with a somewhat bloated cybersecurity stack. In fact, IBM have found that the average organisation uses 45 different cybersecurity tools, so it’s not surprising that solutions frequently undermine each other and become difficult to manage. 

A disaggregated approach means that data on cyber threats takes longer to process, putting the organisation at greater risk of attack. Security teams that operate more than 50 tools have been found to be 8% less effective at detecting attacks, directly contradicting their purpose. As what’s perceived as the latest and most exciting tools are added to the tech stack, there’s a danger of siloes forming - either by function or by location. Organisational siloes reduce the visibility of overall operations, making it much more challenging to assess the business’ efficiency and state of its cyber protection. 

Organisations should be focused on reducing the chances of a breach by reducing their organisation’s attack surface.

They can only achieve this by ensuring all endpoints have an effective EDR solution and knowing the “vulnerability or exposure” status of these Endpoints. This is where most organisations falter, as they do not have effective asset management. For enterprises that have three or more service providers, ensuring all endpoints are known and protected becomes even more challenging.  

Breaking Siloes With Resilience

While every solution has its stronger and weaker points, as attacks have evolved the conversation has shifted from “how can we prevent attacks” to “how can we survive an attack”. While prevention methods are still vital in a well-rounded cybersecurity stack, businesses also need to focus on Disaster Recovery (DR), modern DR covers Fire, Flood and Cyber event scenarios as a way of building cyber resilience, with tools like incident triage, incident response, threat intelligence, and compliance management.

But resilience, at its most basic level, requires that the business has an understanding of the “minimum viable organisation” – what the critical processes are, how much the business is willing to lose, and what its non-negotiables are. To establish this, organisations should start with integrating their multiple tools and technologies, rather than fixing issues on a case-by-case basis. 

The easiest way to integrate new technologies within the tech stack, without creating siloes, is to simplify it.

Security teams should take the opportunity to remove what is no longer necessary, cutting away anything that does not directly link to the organisation’s key capabilities. By using actionable insights and security intelligence, driven by industry standards and best practice methods, businesses can consolidate siloes and start with a simplified base that makes managing cybersecurity easier, ultimately building a more resilient business future.

Rebuilding & Recovering

In the interest of helping to build a culture of resiliency, Kyndryl recently announced the Cybersecurity Incident Response and Forensics (CSIRF) service, designed to help customers respond to threats with advanced intelligence and domain expertise. The CSIRF services offers integrated and seamless incident response, support, and forensics that resolve threats like ransomware, as well as understanding their root cause. This reduces the incident window, recovery time, and maintains trust with customers and regulatory authorities.

This forms the respond phase of the NIST framework, providing infrastructure to recover servers and data post-breach. Most organisations recover their data from a ‘vault’, away from bad actors and unable to be exchanged or expired, and must ensure that this data can be retrieved quickly into a clean production environment when it’s needed. Kyndryl’s 30 years of business continuity expertise has enabled the creation of Cyber Tolerant Backup Solutions, with sufficient frequency to develop Technical Recovery Plans (TRPs) to retrieve data backup under orchestration recovery. 

In addition, Kyndryl’s partnership with AWS helps to break down technology siloes with a state-of-the-art data lake designed to give customers visibility of their entire security posture in a single pane of glass. The Kyndryl Security Operations Platform with AWS unifies disparate systems and data into a cohesive and agile operation that detects and responds to incidents faster with advanced security intelligence.

As businesses continue to navigate evolving cybersecurity threats and complex organisational siloes, it’s crucial that security teams embrace security resilience as much as they embrace detection and prevention. In an era of “not if, but when” when it comes to cyberattacks, simplifying and synchronising infrastructure will be imperative in keeping the business and its customers secure. 

Duncan Bradley is Security & Resiliency Practice Leader at Kyndryl

You Might Also Read:

Navigating The Evolving Threat Landscape:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Undetected Attackers Could Be Inside Your IT Systems Now
He's Back Again... »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

SecureNow Insurance Broker

SecureNow Insurance Broker

SecureNow is a commercial insurance broker based in India. Services offered include Cyber Risk insurance.

Cipher Security

Cipher Security

Cipher Security provides unique robustness tests and penetration tests, as well as customizable development services for vendors and providers.

Bittium

Bittium

Bittium provides proven information security solutions for mobile devices and portable computers.

Dragos

Dragos

Dragos has built the first industrial cybersecurity ecosystem, the ultimate security defense.

Haltdos

Haltdos

Haltdos is an AI driven website protection service that secures websites against today's cyber threats.

Hexnode MDM

Hexnode MDM

Hexnode MDM is an award winning Enterprise Mobility Management vendor which helps businesses to secure and manage BYOD, COPE, apps and content.

Aergo

Aergo

Aergo offers an easier and more proven way to adopt blockchain and transform your business while building on your existing IT and cloud assets.

SuperCom

SuperCom

SuperCom are a global secure solutions integrator and technology provider for governments and other consumers facing organizations around the world.

GoVanguard

GoVanguard

GoVanguard is an boutique information security team delivering robust, business-focused information security solutions.

Cyberwatch Finland

Cyberwatch Finland

Cyberwatch Finland's services improve decision-makers’ strategic situational picture and enable successful holistic cyber risk management.

LimaCharlie

LimaCharlie

LimaCharlie gives security teams full control over how they manage their security infrastructure. Get full visibility, build what you want, control your data, get the security capabilities you need.

Silent Quadrant

Silent Quadrant

Silent Quadrant delivers incomparable cybersecurity consulting, digital transformation, and risk management within our purpose-driven clients - empowering them to be the most resilient entities.

Execweb

Execweb

Execweb are a cybersecurity executive network, comprised of 400+ security practitioners who work at Fortune 500 and SME companies.

Anjuna Security

Anjuna Security

Software from Anjuna Security effortlessly enables enterprises to safely run even their most sensitive workloads in the public cloud.

KTrust

KTrust

KTrust provides Continuous Threat Exposure Management for Kubernetes environments.

Lightpath

Lightpath

Lightpath is revolutionizing how organizations connect to their digital destinations by combining our next-generation network with our next-generation customer service.