lecture: Moving towards Cyber Resilience
The terms of cybersecurity and cyber defence, are simply two pieces of a puzzle that is called Cyber Resilience. In order to be able to survive this rapidly evolving era of cyber threats, we need to embrace the change, welcome new technologies and services, understand the business needs, and evolve in the way that we currently perceive security and privacy. In other words, our cyber resilience (strategy) against fast evolving threats, is to strengthen by constantly adapting to these threats. Our survivability and adaptation to threats, is what usually drives the threat actors to aim for the “lowest hanging fruit” and shift to their next stage of their "evolution".
The ever-evolving threat landscape in the fifth domain of warfare has become a realisation for those have been breached and for those who haven’t detected it yet. In evolutionary terms, all of this happens because it is simply how nature works; where there is an attack there will be a need for defence, and while you advance and evolve in order to defend against the emerging threats, the threats will also continue to counter-evolve.
The umbrella terms of cybersecurity and cyber defence, are simply two pieces of a puzzle that is called cyber resilience. In order to be able to survive this technological era, we need to embrace the change, welcome new technologies and services, understand the business needs, and evolve in the way that we perceive security and privacy. In other words, our cyber resilience against fast evolving threats, is to strengthen by constantly adapting to these threats. Our adaptation to threats is what drives the threat actors to aim for the “lowest hanging fruit” and shift to their next stage of their evolution.
An effective cyber resilience strategy needs to be adaptable and capable of assessing the security posture of a business, an organisation, an enterprise, even a country’s critical infrastructure, beyond physical borders and geographically confined sectors, even across the whole globe. Adding to this, the rapid interconnection of numerous devices, aka Internet of Things (IoT) and SCADA-controlled systems, increases exponentially the complexity of the systems to be protected. The required efforts involved in protecting these systems, will only increase further while smart cities start becoming a reality, and this is part of the inevitable evolution, as it was discussed above. Threat actors are mainly opportunists, and it is also inevitable not to see them try to take advantage of this technological evolution, and themselves counter-evolve as well. Hence, today is the time that we need to realise and accept that cybersecurity will become far more complicated in the context of today’s emerging threat landscape, that is not only constantly changing, but is also expanding at an increasingly fast rate. Based on this, the need to start thinking outside-the-box when it comes to security is not only deemed as necessary, but it is the only way if we really want to face the most problematic element of cybersecurity, which is having a dynamic and equally evolving resilience plan that is capable of responding to evolving threats.
It is imperative to understand that the unfortunate event of being compromised is an unpredictable but real state of operations for any entity. However, the ability to predict, detect, respond and successfully recover from a cyber breach is the essence of Cyber Resiliency, that sets the foundation for the new era of defence against Cyber warfare. Cyber resilience puts us in a stage where we are going to be able to run plausible attack scenarios across the current security posture of a small organisation all the way up to a whole smart city, allowing the results to be measured, act upon factual data, and fine tune our predictions for taking the next steps.
Readiness is defined by the speed of the threats being detected, while responding in a timely manner is what defines a proper cybersecurity strategy in place. Your cyber resilience strategy though, is measured on how effectively you have allowed yourself to recover.
Start time: 17:15