David Cahill
Information Security Manager & Committee Member, IISF (Irish Information Security Forum)
To comply with industry regulations and demonstrate a strong cybersecurity posture, organisations must be vigilant in safeguarding their corporate digital estate. Collaboration is crucial, as sharing threat intelligence across industries helps organisations stay ahead of attackers and minimise downtime.
Cybersecurity focuses on protecting information by preventing, detecting and responding to cyber risks. In contrast, cyber resilience includes impact tolerance and the ability to maintain and recover key business activities during a cyberattack or other service interruption.
Prepare for and absorb threats for cyber resilience
Cyber resilience acknowledges that every system, no matter how robust, has potential vulnerabilities that can lead to business impact and disruption. It prepares for the inevitable — ‘when’ not ‘if’ an incident occurs. Instead of only stopping attacks, be ready for them. Such focus allows for business continuity throughout cyber attacks or any other customer service-limiting incident.
Simply blocking one type of attack does not guarantee organisational resilience.
Cyber resilience extends beyond the first line of defence. While a secure perimeter is important, resilience is how well you will be able to absorb and keep on running when exposed to or under a threat. Simply blocking one type of attack does not guarantee organisational resilience. Instead, a comprehensive strategy is essential — one that addresses navigating multiple and potentially impactful scenarios.
How to start building risk-focused Cyber Resilience strategies
Enterprise-grade cybersecurity utilises mature risk-based assessments, where business impact is the focus. This creates an inventory of key assets and identifies where additional and warranted protection and detection capabilities are needed. A balanced approach is key — facilitating the readiness to act both on the prevention and recovery side.
Building resilience requires plans that can adapt according to how events and incidents are handled. If relying on traditional recovery methods, organisations should have strategies that can change as the threat landscape evolves. Regular testing and scenario-based exercises help improve readiness by ingraining the response actions, into ‘muscle memory.’
Extending our knowledge-sharing and incorporating threat intelligence
Collaboration and information-sharing are increasingly crucial as mandated by emerging regulations, such as DORA and NIS2, across industries. By leveraging threat intelligence, a cyber resilience strategy ensures that we stay ahead of threat actors, quickly identifying and mitigating potential threats before they can impact our business operations, thereby maintaining continuity and trust with our customers.
Integrating threat intelligence and knowledge-sharing into our resilience framework also allows us to proactively adapt to emerging threats. This integration minimises downtime and ensures that critical business functions remain unaffected even in the face of sophisticated threat actors or cyberattacks.