A House Of Cards: Third-Party Risks Are Undermining Businesses' Resilience Strategies

Forbes Technology Council

Kory Daniels, Trustwave CISO.

Resilience strategies are failing. Despite their known importance, why is it so difficult to implement them effectively? Resilience is not a new concept, but it is one we talk about both individually and through the lens of business, and it is often difficult to demonstrate. In today's digital world, resilience strategies are being challenged more frequently, cover more scope and are being defeated by intentional, and unintentional, actions by users, third-party partners and criminals.

It's time to confront the hard truth that our carefully constructed resilience strategies are failing us in the face of the complexity of the digital world. The recent CrowdStrike outage was a stark reminder of the fragility of the tangled web of interconnected systems and third-party dependencies. The CrowdStrike outage was certainly the largest digital impact event we have observed, but it is far from the only one.

Increased Likelihood Of Failure And Exploitation

Quite simply, managing the status of every piece of hardware, software, identity and data is an incredibly challenging task. We live and operate in hybrid environments where both new and older technologies coexist, and we rely on them as consumers and business operators. This hyperconnectivity, while enabling unprecedented efficiency and innovation, has also greatly expanded the attack surface.

Every new device, software application and data point represents a potential entry point for malicious actors. As organizations continue to digitize their operations, securing this expanding perimeter becomes an increasingly daunting challenge.

Complex And Fragile Supply Chains

Businesses, and consumers, rely heavily on third-party vendors and suppliers to deliver essential goods and services. While outsourcing can streamline operations and reduce costs, it also introduces significant risks. Each vendor represents a potential point of failure, with the potential to disrupt critical business functions. The intricate nature of supply chains, often involving multiple tiers of suppliers, makes it difficult to identify and mitigate risks effectively. A single vulnerability in a distant part of the supply chain can have far-reaching consequences for the entire organization.

Threats From The Outside And Within

The nature of threats has evolved beyond traditional cyberattacks. While malicious actors remain a constant and formidable challenge, organizations must also contend with a range of other risks. Natural disasters, such as hurricanes, earthquakes and wildfires, can cause widespread disruption and data loss. Human error, operational failures and supply chain disruptions can also lead to significant consequences. This multifaceted threat landscape demands a comprehensive and adaptable approach to risk management.

The Ripple Effect: A Multi-Industry Impact

The ramifications of such incidents extend far beyond the initial disruption. The healthcare sector, where patient data and system uptime are paramount, faces heightened pressure to bolster its cybersecurity posture. Financial services institutions must grapple with increased scrutiny of their third-party vendors and the need for robust disaster recovery plans. The retail industry, reliant on complex IT infrastructure, may consider diversifying its vendor landscape or prioritizing supply chain security measures.

Regulatory bodies are likely to react by introducing or strengthening cybersecurity regulations, mandating stricter standards for critical infrastructure and third-party software. Existing data privacy laws could also face stricter enforcement in the wake of potential data breaches stemming from such outages.

The security and IT industry itself will undoubtedly witness a surge in demand for specialized solutions and services. Third-party risk management solutions may gain traction, and organizations may invest in advanced incident response and disaster recovery technologies and training. The emphasis on securing the entire software supply chain, including open-source components, may also intensify.

Consumer trust, particularly toward cloud-based services and third-party software providers in general, is likely to take a hit. This incident serves as a wake-up call, raising public awareness of the potential impact of cybersecurity threats on daily life. Consumers will likely demand greater transparency from companies regarding their cybersecurity practices.

A New Approach To Resilience

Resilience isn't just about bouncing back; it's about anticipating and preventing failure. We need to shift from a reactive to a proactive mindset.

Here's how:

• Assume Failure: Rather than dwelling on the possibility of failure, organizations must embrace it as an inevitable occurrence. By anticipating potential disruptions, businesses can proactively develop robust contingency plans. This involves identifying critical systems, processes and data and implementing redundancy measures to ensure continued operations in the face of adversity. For instance, having backup data centers or cloud-based systems can mitigate the impact of hardware failures or disasters.

• Practice, Practice, Practice: Resilience is a skill that requires constant honing. Regular drills and simulations are essential for testing an organization's preparedness. These exercises should cover a variety of scenarios, from cyberattacks to natural disasters. By simulating real-world challenges, teams can identify weaknesses, refine response plans and improve coordination. Conducting tabletop exercises can foster a culture of preparedness and empower employees to take ownership of resilience.

• Design For Resilience: Resilience should be woven into the fabric of an organization's operations. This means incorporating redundancy, failover mechanisms and automation into core business processes. For example, implementing load balancing and auto-scaling capabilities can help distribute traffic and prevent system overload.

• Understand Your Digital Footprint: To mitigate risks, organizations must have a clear understanding of their digital ecosystem. This involves mapping out all interconnected systems, data flows and dependencies. By identifying critical assets and vulnerabilities, businesses can prioritize mitigation efforts and allocate resources accordingly. Vulnerability assessments and penetration testing can help uncover weaknesses before they are exploited by adversaries.

• Diversify Your Risk: Overreliance on a single vendor or technology can create significant vulnerabilities. By spreading dependencies across multiple suppliers, organizations can reduce their exposure to disruptions. Additionally, exploring alternative technologies and sourcing options can provide greater flexibility and resilience. For instance, adopting a multi-cloud strategy can help mitigate the risks associated with cloud provider outages.

In conclusion, the complexities of the modern business environment demand a proactive and comprehensive approach to resilience. By understanding the risks, investing in technology and empowering employees, organizations can build the capacity to withstand disruptions and emerge stronger. Furthermore, by taking decisive steps to enhance resilience, businesses can protect their bottom line, safeguard their reputation and ensure long-term success.