What is cyber resilience and why should it be a strategic measure in organisations?
Cyber threats to the integrity of companies need to be tackled from an organisation's senior levels, by prioritising decision-making regarding cybersecurity, attracting talent and integrating new technologies.
Although the concept of resilience is fashionable as a quality for people or societies, the World Economic Forum (WEF) has been quick to coin it for corporate cybersecurity. So, we talk about cyber resilience: an organisation's ability to transcend (anticipate, resist, recover from, and adapt to) any stresses, failures, dangers, and threats to its cyber resources within the organisation itself and its ecosystem, in such a way that the organisation can confidently pursue its mission, enable its culture and maintain its desired way of operating.
For a few years, the strategic plans of companies have been progressing from stimulus-response decisions (an attack occurs and action is taken) towards prevention and training (the human team is prepared to avoid security breaches). And as a measure for the present and future, resilience is added to all the digital strata in the organisation.
Cipher, Prosegur's business unit specialising in cybersecurity, must defend the last bastion between companies and cybercriminals.
According to the results of the latest Global Cybersecurity Outlook 2022 report, published last January by the WEF, 81% of respondents (from a sample of 120 CEOs and CISOs from different organisations representing 20 countries) consider digital transformation as the main driver to improve cyber resilience. Another 87% of executives already plan to improve cyber resilience in their organisations by strengthening resilience policies, internal processes, and rules on how to engage and manage third parties.
All in order to reduce economic damage and impacts on infrastructure, which in the United States alone have caused losses of 5.8 trillion dollars in the business fabric due to cybersecurity failures. At the other extreme, the growth forecasts for cybersecurity are encouraging, with an estimated growth on the market of 158.800 billion euros by 2023.
Due to the accelerated digital transformation after the health crisis, service providers such as Cipher, Prosegur's business unit specialising in cybersecurity, must defend the last bastion between companies and cybercriminals
The great ransomware pandemic
Eight out of ten technology leaders interviewed by the WEF describe ransomware attacks as "evolving and dangerous threats to public safety". One in two recognises that this type of attack is one of their biggest concerns when it comes to cyber threats.
Therefore, also almost half (48%) rely on process automation and machine learning as some of the engines that will definitively drive cybersecurity for the next two years.
It goes without saying that Cipher is already working on all these lines to cover the needs of its customer portfolio. From Cipher Labs, Cipher's Cybersecurity Research and Innovation area, innovations are constantly created, such as their anti-ransomware solution, which deploys a sophisticated security agent on all customer workstations. Based on Artificial Intelligence and Machine Learning, it detects advanced threats in the organisation that reach the Security Operations Centre (SOC), from where they are neutralised using their own cyber intelligence tools.
From Cipher Labs, Cipher's Cybersecurity Research and Innovation area, innovations are constantly created, such as their anti-ransomware solution
On the path to greater automation demanded by technology leaders, Cipher can also rely on the automation framework "Waldo", designed to take care of certain basic actions during threat analysis and anticipation. Thanks to its versatility, it can be combined with other solutions such as Cipher Response, a button that activates an automatic gap analysis. If it detects them, Waldo will notify the SOC to assess the threat and, ultimately, send an email to the user on whose computer it has been found, so that they are aware of the situation.
Only through constant innovation is it possible to anticipate the increasing sophistication of attacks. In the case of Prosegur's cybersecurity unit, Cipherlabs continually invests in monitoring different criminal groups, as well as their tools. The goal is to have a better understanding of the attackers' behaviour and thus ensure a more effective detection and response process.
The new and uncertain era of quantum computing
Companies like IBM are strongly committed to designing the quantum computers that will set the route to be followed in tomorrow's technology world. For this reason, the WEF did not want to lose sight of quantum computing in its report, which it classified as one of the most pressing long-term risks.
As it is conceived today, it would mean the collapse of the current encryption algorithms underpinning most businesses, digital infrastructures and economies. It is, therefore, a "critical risk" that could lead to "more harm than good" if action is not taken both nationally and globally, concludes the Global Cybersecurity Outlook 2022 report.
The WEF urges governments to decisively support, through legislation and regulations, the consensus to promote cybersecurity as a key matter in the business fabric and to promote the training and recruitment of talent in this area, which currently sees great shortages of human resources: there are 4 million unfilled cybersecurity jobs.