Reimagining Your Cyber Infrastructure

Uploaded on 2023-08-29 in TECHNOLOGY--Resilience, FREE TO VIEW

While the tech industry is distracted with endless conversations on the impact of generative AI, 2023 has seen several companies fall victim to crippling cyberattacks. These attacks often fall under one of two formats - either bad actors break in, compromise data, and hold it to ransom, or they enter systems and delete or encrypt data, which requires a cyber-tolerant backup solution.

Armed with the capabilities of AI tools and able to target companies through their increasing use of SaaS, cloud, and web collaboration tools, bad actors are launching increasingly smart and complex attacks, becoming a threat for organisations in all industries. 

Recently, the recent high-profile University of Manchester hack, which affected more than a million NHS patients’ details demonstrates the vulnerability of large corporations in the UK, with stolen data including NHS numbers and postcodes. Facing a host of other corporate pressures – like rising inflation, worker shortages, and regulatory standards – businesses need a simpler way to successfully navigate ongoing threats.

An Abundance Of Solutions

In response to more sophisticated and frequent cyberattacks, security teams are implementing a growing number of fixes and cyber tools. However, due to making quick, reactive decisions based on live vulnerabilities, and with many tools sold as part of packages that offer a number of capabilities, security professionals are often left with a somewhat bloated cybersecurity stack. In fact, IBM have found that the average organisation uses 45 different cybersecurity tools, so it’s not surprising that solutions frequently undermine each other and become difficult to manage. 

A disaggregated approach means that data on cyber threats takes longer to process, putting the organisation at greater risk of attack. Security teams that operate more than 50 tools have been found to be 8% less effective at detecting attacks, directly contradicting their purpose. As what’s perceived as the latest and most exciting tools are added to the tech stack, there’s a danger of siloes forming - either by function or by location. Organisational siloes reduce the visibility of overall operations, making it much more challenging to assess the business’ efficiency and state of its cyber protection. 

Organisations should be focused on reducing the chances of a breach by reducing their organisation’s attack surface.

They can only achieve this by ensuring all endpoints have an effective EDR solution and knowing the “vulnerability or exposure” status of these Endpoints. This is where most organisations falter, as they do not have effective asset management. For enterprises that have three or more service providers, ensuring all endpoints are known and protected becomes even more challenging.  

Breaking Siloes With Resilience

While every solution has its stronger and weaker points, as attacks have evolved the conversation has shifted from “how can we prevent attacks” to “how can we survive an attack”. While prevention methods are still vital in a well-rounded cybersecurity stack, businesses also need to focus on Disaster Recovery (DR), modern DR covers Fire, Flood and Cyber event scenarios as a way of building cyber resilience, with tools like incident triage, incident response, threat intelligence, and compliance management.

But resilience, at its most basic level, requires that the business has an understanding of the “minimum viable organisation” – what the critical processes are, how much the business is willing to lose, and what its non-negotiables are. To establish this, organisations should start with integrating their multiple tools and technologies, rather than fixing issues on a case-by-case basis. 

The easiest way to integrate new technologies within the tech stack, without creating siloes, is to simplify it.

Security teams should take the opportunity to remove what is no longer necessary, cutting away anything that does not directly link to the organisation’s key capabilities. By using actionable insights and security intelligence, driven by industry standards and best practice methods, businesses can consolidate siloes and start with a simplified base that makes managing cybersecurity easier, ultimately building a more resilient business future.

Rebuilding & Recovering

In the interest of helping to build a culture of resiliency, Kyndryl recently announced the Cybersecurity Incident Response and Forensics (CSIRF) service, designed to help customers respond to threats with advanced intelligence and domain expertise. The CSIRF services offers integrated and seamless incident response, support, and forensics that resolve threats like ransomware, as well as understanding their root cause. This reduces the incident window, recovery time, and maintains trust with customers and regulatory authorities.

This forms the respond phase of the NIST framework, providing infrastructure to recover servers and data post-breach. Most organisations recover their data from a ‘vault’, away from bad actors and unable to be exchanged or expired, and must ensure that this data can be retrieved quickly into a clean production environment when it’s needed. Kyndryl’s 30 years of business continuity expertise has enabled the creation of Cyber Tolerant Backup Solutions, with sufficient frequency to develop Technical Recovery Plans (TRPs) to retrieve data backup under orchestration recovery. 

In addition, Kyndryl’s partnership with AWS helps to break down technology siloes with a state-of-the-art data lake designed to give customers visibility of their entire security posture in a single pane of glass. The Kyndryl Security Operations Platform with AWS unifies disparate systems and data into a cohesive and agile operation that detects and responds to incidents faster with advanced security intelligence.

As businesses continue to navigate evolving cybersecurity threats and complex organisational siloes, it’s crucial that security teams embrace security resilience as much as they embrace detection and prevention. In an era of “not if, but when” when it comes to cyberattacks, simplifying and synchronising infrastructure will be imperative in keeping the business and its customers secure. 

Duncan Bradley is Security & Resiliency Practice Leader at Kyndryl

You Might Also Read:

Navigating The Evolving Threat Landscape:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Undetected Attackers Could Be Inside Your IT Systems Now
He's Back Again... »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Centre for Secure Information Technologies (CSIT)

Centre for Secure Information Technologies (CSIT)

CSIT is a UK Innovation and Knowledge Centre (IKC) for secure information technologies. Our vision is to be a global innovation hub for cyber security.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Schneider Electric

Schneider Electric

Schneider Electric develops connected technologies and solutions to manage energy and process in ways that are safe, reliable and sustainable.

UK Cyber Security Forum

UK Cyber Security Forum

UK Cyber Security Forum is a community interest group for cyber security companies in the UK.

Crypta Labs

Crypta Labs

Crypta Labs is an Award Winning IOT Security startup that is developing a quantum-based encryption chip to secure the Internet of Things.

Tech Mahindra

Tech Mahindra

Tech Mahindra is a global leader in IT solutions, BPO, business consulting services & digital technologies.

ABS Group

ABS Group

ABS Group provides risk and reliability solutions and technical services that help clients confirm the safety, integrity and security of critical assets and operations.

XPO IT Services

XPO IT Services

XPO IT Services are dedicated to providing secure, high quality IT recycling and asset disposal services.

Networks Unlimited

Networks Unlimited

Networks Unlimited is a leading value-added distributor in Africa, providing technology solutions with a focus on security, networking, enterprise systems management and cloud technologies.

VIRTIS

VIRTIS

VIRTIS' mission is to provide today's leading organizations peace of mind that their entire digital network perimeter is safe from hackers and data breach.

Nassec

Nassec

Nassec is a Cyber Security firm dedicated to providing the best vulnerability management solutions. We offer tailor-made cyber security solutions based upon your requirements and nature of business.

Financial Services Information Sharing and Analysis Center (FS-ISAC)

Financial Services Information Sharing and Analysis Center (FS-ISAC)

The Financial Services Information Sharing and Analysis Center is the only global cyber intelligence sharing community solely focused on financial services.

Cyberplc

Cyberplc

Cyberplc is a global cybersecurity consulting firm providing services to government, the public sector and enterprises.

SeeMetrics

SeeMetrics

SeeMetrics is an automated cybersecurity performance management platform that integrates security data and business objectives into a simple interface.

Bastion Technologies

Bastion Technologies

All your cyber defense. One platform. Keep your business assets and employees safe under one roof. Manage your cyber defense quickly, easily & efficiently.

SignMyCode

SignMyCode

SignMyCode is a one-stop shop for trusted and authentic code signing solutions to safeguard software.