Resilience is more important than ever when faced with today’s cyber-security threats, attendees at a recent breakfast briefing agreed

Today’s cyber-threats make resilience more important than ever, said Duncan Bradley of Kyndryl, introducing a TEISS Breakfast Briefing at the Langham Hotel in London. He told an audience of senior cyber-security specialists from a range of sectors that recovery, for a long time overlooked, was once again becoming a priority.
Attendees agreed. They said that over the past few years a succession of catastrophic events, from the Covid-19 pandemic to the war in Ukraine, had made businesses realise that crises they once thought unlikely were actually all too plausible. Meanwhile, the growth of ransomware attacks, together with incidents such as the Log4j vulnerability, had demonstrated the increase in cyber-risk.
There are other threats on the radar too, according to attendees. Theft of private data is an obvious one, which is sparking lawsuits in the US that might soon be replicated in Europe and elsewhere. There is also the risk of data corruption, where an attacker sabotages data used to make decisions, train artificial intelligence models, or otherwise run business-critical applications. Incidents such as these could have crippling consequences.
Budget challenges
However, addressing these risks is a challenge because it requires investment, and attendees listed several reasons why that is difficult to get. First, current economic conditions mean that budgets are under pressure across the business, with cyber-security being no exception.
Even before that, cyber-security budgets were a challenge, attendees said, because boards are focused on ROI, and that isn’t always obvious with cyber-security. Preventing something bad from happening is not as appealing as making something good happen.
What attendees would like to see is cyber-security teams controlling their own budgets. One attendee said 6 per cent of IT investment at his company is now owned by security, but his experience was far from the norm. Even then, he said it can be difficult to get security projects prioritised for delivery because other IT projects tend to take precedence.
Drivers of change
There are signs that some change is happening. In regulated sectors, certain cyber-security measures are required for compliance purposes. Some attendees speculated that this would have a knock-on effect for suppliers, who will have to provide certain controls for regulated clients that might then be requested by others.
Insurance is seen as another driver by many attendees. With costs under pressure and cyber-insurance getting more expensive, it might be worthwhile putting in place resilience measures that will bring down insurance premiums. On the other hand, one attendee said that cyber-insurance costs were leading him to wonder whether it was worth having at all.
Many attendees agreed that breaches remain a major driver of change. A company that experiences a breach or sees a competitor go through one is much more likely to increase its focus on resilience. As well as increased funding, attendees said a mindset change is needed.
Recovery exercises
That doesn’t mean attendees are not taking any action on resilience. Audits, carried out at least annually, are universal tools for assessing readiness, and attendees are also proactive about assessing third parties. Getting an overall picture of what is happening within the business remains difficult, though, and those at the briefing said they try to get as much real-time data as possible.
Recovering from an incident typically takes longer than expected, and although cyber-security specialists know this, it isn’t clear that the business understands. Attendees recommended training exercises to help the board and other senior executives understand the process for recovering from a breach and what some of the challenges might be.
These exercises will also help cyber-security teams understand how to manage incident response. One attendee said that exercises in their company had demonstrated that some people did not need to be involved in the entire process. The CFO, for example, is primarily concerned about money, and that isn’t relevant at every stage. Other individuals might not have the right personalities for what will be an intense, high-pressure environment. Managing that is important.
The TEISS Breakfast Briefing underscored the critical importance of resilience in the face of evolving cyber-threats. As the discussion highlighted, businesses must invest in cyber-security measures, despite financial constraints and other challenges. The consensus was that a shift in mindset is needed, with a focus on proactive measures, regular audits and training exercises to prepare for potential incidents. As cyber-threats continue to evolve, it is more important than ever for businesses to stay vigilant, adaptable and proactive to protect their assets in the digital age.
Kyndryl works at the core of businesses that move the world. With more than 90,000 skilled professionals serving customers in over 60 countries, we design, build, manage and modernise the mission-critical technology systems the world depends on every day.
To learn more, visit www.kyndryl.com.
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543