However, these words reflect much more than a simple definition. Take cyber resilience for example, it’s often thought of as just email security, but it’s more than that. It is an essential component of your critical infrastructure. Cyber resilience represents a suite of capabilities that has evolved to encompass four key pillars: Threat Protection, Adaptability, Recoverability, and Durability. In the growing world of technology, IT Administrators must focus on their overall environment as a cohesive whole and understand how their different products work together. In this first installment of, “What is Cyber Resilience and Why Should I Care?”, I’ll illustrate how the first two pillars will get you started on your cyber resilience journey.
Consider this as the cornerstone of cyber resilience – basic security is not good enough.
Do you have the tools in place to protect your organization against its #1 threat; email attacks? Organizations must be doing more than standard Anti-Virus and Anti-Spam checks. As technology has grown, so have attackers, and is why it is vital to incorporate DNS Authentication mechanisms in your environment to validate SPF, DKIM, and DMARC on all email.
Are you protecting your users from advanced cyber risks such as URL attacks or malware-laden attachments? What is in place to stop impersonation attacks or internal threats? Many IT Admins I have spoken to over the years admit they either have none or only some of these capabilities, but not all. Furthermore, administrators are forced to manage different products in an attempt to mitigate these various attack vectors leading to a seemingly never-ending defense arms race. A gap in your threat protection is a gap in your email security and is of utmost importance to address. Instead of constantly having to update or change solutions, invest in one is capable of growth and able to adapt to the evolving world of attacks.
This is vital as attackers constantly create new ways to target businesses and evade detection.
What would happen if a security breach occurred in your organization? Are you able to quickly identify and remove newly identified threats? Do you have built-in user awareness education or administrator tracking allowing you to identify your at-risk or infected users?
If the IT Team is able to recognize threats in real time by leveraging input from multiple threat intelligence resources and automate removal of such threats, your organization moves another step closer towards a more secure, more resilient ecosystem. Being adaptable means deploying the best of breed technologies, with the ability to change services for more optimal technologies, while also layering them to improve your defenses. It also is key to incorporate inline education to provide training, while users are being protected, to avoid any skill deficiencies. As you build and manage your environment, you cannot forget to overlook your organization’s stability and business continuity plan.
Threat protection and adaptability are just the beginning to a complete approach to cyber resilience. Check back next week for my second installment on durability and recoverability to learn more about how they help make your environment much more stable and secure.
By: Bob Adam, Cyber Security Strategist, Mimecast
This blog was brought to you by our partner, Mimecast. Mimecast is an international company specializing in cloud-based email management for Microsoft Exchange and Microsoft Office 365, including security, archiving, and continuity services to protect business mail. They are a valued sponsor of our annual Camp Secure Sense 2018 and will be presenting on Day 1 at 11:40 am.
Head on over to the registration page to discover other thought leadership presentations exclusive to Camp Secure Sense here.
With only 15 days until Camp, 3 more days to register and a few spots open for InfoSec leaders, we encourage you to register today.