A cyber resilient system is one that anticipates, withstands, recovers from, and adapts to adverse conditions, stresses, attacks, or compromises on systems that rely on or are enabled by cyber resources, according to the National Institute of Standards and Technology (NIST). A cyber incident could result in a variety of consequences, so resilience focuses on minimizing them. When an organization has greater resilience, it has a better chance of bouncing back after a cyber incident or retaining its mission-critical functions in a degraded condition.
Changing the cost-benefit analysis of an adversary might act as a deterrent, denying them the benefits they seek. Resilience allows municipalities or businesses to make decisions about how to respond to ransomware attacks with more time and options.
It is important that the federal government, state and local governments, quasigovernmental entities, and the private sector work together to strengthen cyber resilience, especially to understand changing vectors of disruption and the cascading effects that may not be anticipated or mitigated by a single entity.
Collaboration involves the exchange of information and insights, just as in any other relationship. Assessing and prioritizing consequences for critical infrastructure requires input from businesses and governments, particularly when trying to understand the full impact of a cyber incident.
Creating a Culture of Transparency
Sharing information is essential, but creating a culture of transparency isn’t always straightforward. Many private companies are reluctant to share information about the impact of cyberattacks because of concerns about optics, potential liability, and regulatory action, along with the implications on their bottom line. It is possible that some organizations may continue to have concerns about the government’s ability to protect their information even though the government has an excellent track record of doing so. Several companies view these costs as outweighing any benefits they may receive from sharing information.
Information sharing will be more likely to occur when seen as a means of enhancing operational cooperation and resilience in the face of these costs. Cyber Threat Alliances, which eScan helped establish, have already demonstrated that partnering with private and public threat intelligence organizations and sharing threat intelligence can improve cybersecurity protection for organizations of all sizes and across all industries, increasing the effectiveness of the entire security sector. It is imperative that this same collaborative spirit be brought to the task of building resilience as well. To disrupt adversaries’ efforts at as many points as possible, everyone must work together. There is a role for every individual and organization in the industry.
It is good to look at the Joint Cyber Defense Collaborative (JCDC) as an example of this type of collaboration. To facilitate the fostering of operational cooperation by gathering, analyzing, and sharing actionable information to protect and defend against cyberthreats, the Cybersecurity and Infrastructure Security Agency (CISA) established JCDC in 2021. JCDC brings together public and private entities to facilitate operational collaboration. eScan participates in the JCDC, and this collaboration shows the benefits of public-private partnerships when it comes to improving our nation’s cyber resilience. Information Sharing and Analysis Centers (ISACs) established by government and sector-specific organizations are also part of this information sharing model.
Building Resilience through the Development of a Cyber Workforce
Keeping up with cyber risk takes a lot of effort, and security staff burnout is a big concern. Enhancing cyber resilience requires a solution to this problem. Maintaining high levels of operation in a prolonged crisis and despite increasingly sophisticated threats requires a fully staffed and prepared workforce. Moreover, preparedness should extend beyond IT staff. Cyber-hygiene protocols should be taught to all employees at a minimum. Having this training is not only important to prevent incidents, but also to deal with them once they have occurred. It is possible to contain a situation if a disciplined workforce takes action.
As a next step, we need to train our workforce on continuity of operations. It is always important to include an element of cyber disruption in this type of training and exercises so that workers are prepared. In addition to managing larger cyber incidents, they must be able to handle smaller cyber disruptions as well. Data backups are only useful if the staff knows how to access and use them. To ensure a smooth transition in the event of network disruptions, plans must be implemented for switching to analogue processes. Well-trained workers are better able to come up with innovative ways to increase resilience in the future and to keep the lights on.
National Cyber Workforce and Education Strategy (NCWES) is one example of how the White House is addressing this issue. Developed by the Office of the National Cyber Director as part of the 2023 National Cybersecurity Strategy, NCWES aims to increase the diversity of the national cyber workforce and increase accessibility to cyber education and training. Public and private organizations, including eScan, will commit to implementing the NCWES in order to expand opportunities for good-paying, middle-class jobs in cyber. Strong and diverse workforces enhance resiliency, promote innovation, and maintain continuity.
In addition to supporting NCWES, eScan has developed a customized information security awareness and training service for the education sector. It is part of eScan’s commitment to close the cyber skills gap by 2022, and it is available for free to K-12 school districts and systems across the United States. As part of its pledge to train 1 million people in cybersecurity by 2026, eScan has launched this initiative.
Building toward Resilience
Resilience in cyberspace transcends political, geographic, and technological boundaries. Developing cyber resilience requires integrated responses involving both government and the private sector in order to protect the expanding attack surface.