Today’s businesses can’t catch a break. Between the less-than-stellar economy, supply chain disruptions and skyrocketing costs, and the demand for always-available services, it is a stressful time to run a company.
And, just to keep things interesting, organizations are fighting nonstop battles against dozens of different kinds of threats. Some are man-made, some not. Some are malicious, some just good old-fashioned bad luck.
In the past year, businesses have endured disruptions and data loss from natural disasters, like the severe winter weather that hit Texas; software updates gone rogue (we're looking at you, SolarWinds); and an onslaught of cyberattacks, including many that specifically targeted healthcare organizations in the middle of a global pandemic.
The Cost of Downtime and Data Loss
Whatever the cause—natural disaster, human error, technology failure, or ransomware—an unplanned outage or data breach can have a huge impact on business continuity and data protection, as well as the company’s bottom line.
First, there are the direct costs associated with a disruption: system downtime preventing sales, remediation and system repair, increased insurance premiums, compliance and legal penalties, ransom payment, and so on.
But there are also significant indirect costs that may be less obvious but are no less damaging to the organization’s revenue. Examples of indirect impacts include lost productivity, stock market losses, and reputational damage that may cost the company customers, investor confidence, and its standing in the market.
Depending on the industry, a disruption or security event might have compliance ramifications that can rack up some pretty expensive fines. And these days, if you’re in one of the critical infrastructure sectors—such as healthcare—your organization practically has a target on its back, so a cyberattack is more a case of when, not if, it will happen.
For example, a recent study found that there was a 55 percent increase in healthcare cyberattacks in 2020. These attacks potentially impacted the personal health data of 26 million people in the United States.
The Role of Cybersecurity and Cyber Resilience in Mitigating Damage and Risk
So, with all the different ways organizations are at risk every day, what can they do to reduce the threat and create a safety net for sensitive company systems, applications, and data?
The most efficient way to protect your organization is to focus on cybersecurity and cyber resilience to ensure you’re not only protecting the company but also creating a roadmap to quickly resume operations after a disaster.
In other words, cybersecurity is what you do to keep the bad stuff out; cyber resilience is the plan of action for when the bad stuff gets in (spoiler alert: It’s probably going to get in).
Cybersecurity is the first line of defense in this strategy. This is where you apply the methods, tools, and technology needed to prevent hackers from breaking into your IT systems in the first place. For example, you can implement a solution that utilizes a deep learning neural network to detect both known and unknown malware without relying on signatures and applies behavioral analysis to stop never-before-seen ransomware and master boot record attacks.
Cyber resilience, by contrast, is how you respond to and recover from an attack or unplanned disruption. There are three core actions at the heart of every successful cyber resilience initiative: predict, prioritize, and practice.
- When we proactively prepare for a crisis, we can anticipate potential threats and have a plan in place to deflect or diminish their impact.
- Because not all threats are equal and not every application is mission-critical, part of being resilient is prioritizing defense and recovery efforts.
- And finally, practice makes perfect. Create and document your strategy long before you need it, and test and update the plan regularly.
Why You Need Both Strong Cybersecurity and High Resilience
Although it may seem like spending time and budget on both installing cybersecurity and building resilience is a bit of overkill, it isn’t. Without both, you leave the company open to devastating data loss and extensive, if not permanent, downtime.
One way to get a feel for the interconnection of cybersecurity and cyber resilience is to view them in terms of the National Institute of Standards and Technology’s Cybersecurity Framework.
The framework identifies the five functions that make up the cybersecurity “backbone”:
For the purpose of this post, “cybersecurity” as we’ve been discussing it covers the first three functions of the framework, and cyber resilience covers the last two functions. Collectively, they create a comprehensive security and data protection strategy.
Most IT teams would agree that it is better (and cheaper) to proactively prevent security breaches if you can rather than clean up after them. But the reality is that ransomware attacks happen, hurricanes happen, and Tina from accounting accidentally wiping out last year’s P&L statements happens.
These are the reasons why every company needs to plan for both cybersecurity and cyber resilience. Resilience isn’t just for cyberattacks; it goes hand in hand with your business continuity strategy to ensure that no matter what causes a disruption, data can be recovered and operations can get back up and running fast.
Learn more ways to proactively prepare for a worst-case scenario. Download A Ransomware Crisis Plan is Now a Business Imperative now.