Given the increased dependency on digital technologies for daily operations, it’s not a surprise that organizations are concerned about cyber threats and the risks these are posing to their operations. But what is the best approach to this problem? Should an organization focus on cybersecurity or on cyber-resilience? Which of the two can be considered a prime objective for businesses?
Cybersecurity is the more established term of the two and refers to the people, technologies and processes that serve as the line of defense against threats. Cybersecurity is centered on the idea that attacks can be prevented. It creates the expectation that the organization will be able to avoid being hit by attackers and it will not suffer cyber-breaches. Although preventing breaches from happening is something everyone wants, 100% protection effectiveness is not achievable. The recent years proven again and again that cyber threats are getting increasingly sophisticated and organizations, as well as individuals, are affected in a direct or indirect manner.
Opposite to the core idea of preventing breaches, cyber-resilience is centered on the principle that some attacks will go through and the organizations must prepare themselves to quickly and effectively deal with the consequences. Cyber-resilience represents the organization’s ability to avoid, prepare for, respond to, and recover after a cyber attack. Being ready to respond to security incidents, enables organizations to mitigate the consequences of cyber breaches and quickly resume the normal state of business operations. This makes cyber-resilience an integral part of business continuity planning.
What are the steps an organization should take to improve cyber-resiliency? The comprehensive path is through a cybersecurity program that addresses key four phases: preparation, detection, response, and recovery from an attack. When implemented thoroughly, this four-phase framework enhances the organization’s capacity to sustain operations through a cyber-attack while minimizing both disruption and reputational harm. A very good resource for organizations on the way to cyber-resilience is the NIST Special Publication 800-160.
In conclusion, what is the best way forward? Are cybersecurity and cyber-resilience fully distinct approaches? Not completely. Both cybersecurity and cyber-resilience strive to limit the effects of cyber threats on businesses. They have in common some of the tools, processes, and procedures. Both are good objectives for organizations to focus on, but cyber-resilience offers a holistic and more realistic approach. That makes it a more suitable (and achievable) objective for organizations to follow in 2024 and beyond.