Path to cyber resilience: sense, resist, react
Threats of all kinds continue to evolve, and today’s organizations find that the threat landscape changes and presents new challenges every day.
“The global shift towards a digital transformation has resulted in unprecedented levels of connectivity. This shift directly reflects on the volume, aggressiveness and impact of cyber-attack threats,” said Steve Lo, Greater China Technology, Media & Telecommunications Market Segment Leader at EY. “This means that our clients are increasingly becoming concerned about how such threats will impact their operations.”
According to EY’s latest Global Information Security Survey, organizations have learned over decades to defend themselves and respond better, moving from very basic level measures and ad hoc responses to sophisticated, robust and formal processes.
From the responses of 1,735 CIOs, CISOs and other executives, we can see where organizations are in the strength and maturity of their cybersecurity capabilities and suggest three steps to achieve cyber resilience:
Sense is the ability of organizations to predict and detect cyber threats and attacks.
Organizations need to use cyber threat intelligence and active defense to predict what threats or attacks are heading in their direction and detect them when they do, before the attack is successful. They need to know what will happen, and they need sophisticated analytics to gain early warning of a risk of disruption.
Resist mechanisms are basically the corporate shield. This step looks at how much risk an organization is prepared to take across its ecosystem, and then establishes the three lines of defense:
- Executing control measures in the day-to-day operations
- Deploying monitoring functions such as internal controls, the legal department, risk management and cybersecurity
- Using a strong internal audit department
React: if sense and resist fail, organizations need incident response capabilities to manage the crisis. They need to be ready to preserve evidence in a forensically sound way and investigate the breach to satisfy critical stakeholders, and also be prepared to bring the organization back to business as usual in the fastest possible way, learn from what happened, and adapt and reshape the organization to improve cyber resilience going forward.
“Cybersecurity is about managing risk, but it is equally about enabling organizations to take advantage of opportunities in today’s digital world, in a safe way, and maintain the trust of their customers,” Chan added.
At EY, we believe that when organizations manage cybersecurity better, the world works better. To learn more about how you could be more cyber resilient, read the full report at ey.com/giss.