
Richard Cassidy at Rubrik explains how predictive resilience can future-proof business operations
In the last few months, we’ve seen large-scale attacks focused on third-party suppliers impact our daily lives, most notably the ransomware attack on NHS supplier Synnovis in the summer.
Outsourcing resources and services can save businesses time and money, and allow them to benefit from different ways of working and expertise. However, it can also add risk based on varying cyber-security standards and limited visibility over potential threats.
Any threat or blind spot brought to a business through third-party suppliers can cause serious issues, as it can open up pathways to their systems, their partners’ systems and, at the same time, both businesses’ data. Third-party suppliers are appealing to cyber-criminals, which makes embedding predictive resilience critical to identifying any potential risks before they can escalate.
Managing supply chains can be a huge challenge for businesses. Many work on legacy systems with outdated software or use resources such as spreadsheets to keep tabs on suppliers and activities. Data storage then becomes fragmented, leaving CISOs and IT teams with less visibility, and the risk of missed opportunities to identify threats.
It can take only one exploited vulnerability to put data at risk. IT teams must work together across industries and across public and private sectors to create a new standard of trust and reliability in digital systems. Over-trusting current data storage processes, as opposed to continually adapting and evolving, can make it difficult to be predictive with cyber-resilience.
A proactive approach to cyber-resilience should focus on the use of technologies, such as AI, to help comb through data to detect threats and mitigate them when discovered. Trained AI and automation workflows can also help with scenario planning to ensure that businesses are best prepared should a vulnerability be exploited.
Cyber-resilience is the ability to ensure your data is available, and business-critical operations can stay running, even when faced with a cyber-incident. Technology, when used in secure environments, is a great enabler to cyber-resilience. It’s not just about outright prevention but instead about fostering resiliency via technologies and processes to limit damage and keep systems running when the worst happens.
When a cyber-attack strikes, the liability often sits with the CISO. As a result, in the UK, 92% of senior IT and security leaders reported changes to their emotional and/or psychological state as a direct result of a cyber-attack, with 36% worrying over job security.
Even when managed well, supply chains are delicate, with so many moving components and teams involved. To alleviate the strain on CISOs, their peers and supply chain managers, additional members of the C-Suite should be involved in ensuring that supply chains are secure and risk assessments take place regularly. Working closely with the broader C-Suite also ensures that there is a greater understanding of the importance of protecting data and the risks at play, helping to prioritise cyber-security in future activities.
The onus is on suppliers to ensure that they are compliant with regulatory requirements, particularly as partners need to report and follow regulatory requirements themselves. Businesses operating in the financial services sector, however, can soon rely on the Digital Operational Resilience Act (DORA) for support. When DORA comes into force in January 2025, it will provide guidance around supply chain risk assessments and transparency.
In the interim, to support the vast amount of data, many businesses are becoming more dependent on the cloud, which, when used outside of trusted vendors, brings its own risks. Rubrik Zero Labs data found that more than 25% of cloud object storage is subject to regulatory or legal requirements, such as protected health information (PHI) and personally identifiable information (PII).
Though the cloud can help with securing data, organisations need to invest in the right storage solutions. Legacy backup tools were not designed to enable reliable recovery from cyber-attacks, nor were they designed to natively deliver cyber-threat analytics and event response.
Supply chains are a shared responsibility, between the partner and the supplier. Both parties must work together to enhance their resiliency, through the use of technologies and regulations, and by simply understanding the risks.
Predictive resilience strategies empower organisations to proactively predict, prepare for, and respond to cyber-threats before they escalate into crises. The world needs to work together.
Richard Cassidy is CISO EMEA at Rubrik