Organisations across the world need to accept that they will be breached and prepare for the inevitable, according to the CEO and founder of UAE-based Axiom Telecom.
Faisal Al Bannai, who also founded cyber security provider DarkMatter, said in a statement earlier this year: “It is clear that digital transformation has revolutionised modern life. Yet as usage has increased, what we don’t have is a corresponding improvement in security measures capable of protecting people’s data.
“The industry’s current approach to cyber security is overly reliant on perimeter security and reaction to threats, leaving entities vulnerable to attack.”
Al Bannai added: “To really benefit from the wonders of technology, organisations must become cyber resilient. This means having the ability to not only recover quickly from cyber attacks, but to end up stronger. Equally, developers and suppliers of technology should become more transparent around the capabilities of their products and technologies, to begin rebuilding trust.”
What is cyber resilience?
Cyber resilience is an approach to data protection that combines cyber security and business continuity management. It enables organisations to avoid an ‘all or nothing’ approach to information security, as they take steps to prevent data breaches while also implementing measures to limit the damage when an incident occurs.
Organisations often refuse to think about suffering a breach, but they need to understand the threat. No one’s too small to avoid being targeted, and no one’s defences are impenetrable. Vulnerabilities are constantly being discovered, and some – such as human error – never go away. It only takes one crook to exploit one weakness for your organisation to be in trouble.
However, a breach doesn’t necessarily mean disaster. If you have an effective plan in place, you can ensure that business continues and your staff can mitigate the damage.
How GCC organisations can become cyber resilient
Information security personnel might be hesitant about proposing cyber resilience to their bosses. To the uninitiated, it sounds like yet another complicated solution to the already challenging information security landscape.
But if you take a quick look at what it entails, you’ll probably find that your organisation is already cyber resilient to some degree. If you have defence technologies in place or a policy for what to do when there’s a business disruption, then you’ve already started.
You can find out how to proceed from there by reading Cyber Resilience: Cyber Security and Business Resilience. This free green paper goes into more detail about how cyber resilience works, and explains in seven steps how you can adopt it.