Towards cyber resilience

Ross Brewer, Chief Revenue Officer of SimSpace discusses the threat landscape and some best practises to build cyber resilience

What are the key threats on the cybersecurity landscape as far as Businesses are concerned?

The worldwide increase in nation-state attacks in the last year has disabled and disrupted governmental websites, critical infrastructure and operational systems. With the commercial sector now facing the same tactics and techniques from ransomware, phishing and malware attacks, commercial organisations should be preparing for a cyberwar now transcending geographical boundaries.

Hackers are targeting businesses with complexity and frequency, with the intention of disrupting day-to-day operations, stealing sensitive or personal data and inflicting reputational damage. IBM’s cost of a data breach report found the global average breach cost to be AED15.98m, with the GCC average now at almost double that (AED27.4m).

Businesses should now be transitioning to a cybersecurity strategy that aims to test their defense capabilities in realistic simulated environments, mitigating risk.

Hackers also seek to inflict internal damage on systems which can leave businesses offline for weeks or even months. Both scenarios can result in top-line losses and dents in share price. By implementing government-grade cybersecurity, key stakeholders such as customers, investors and board members can be confident in their business cyber-readiness.

What are some of the best practices to build cyber resilience in the era of hybrid workforces and increased cloud deployments? How does zero trust help?

Train, train, train. Businesses need to be constantly testing their people, processes, and technology within a safe, simulated environment like a cyber-range. Mil-spec cyber ranges provide high fidelity replicas of a business’s production network allowing them to test their ability to detect, identify, and respond to a cyber-breach.

When it comes to Zero Trust Implementation, CISOs and executives are losing sleep over whether implementing a new framework will slow down operations. By deploying a business’s Zero Trust model within a cyber range, continuous user validation can be achieved without disrupting critical business workflows.

Organisations can then begin the process of continual improvements, identifying weaknesses in their defence procedures, establishing new success benchmarks and quantifiably tracking their safeguarding practices. Businesses can financially optimise their security stack, offloading unnecessary and inefficient tools.

Testing these capabilities off the production network also allows businesses to maintain their uptime whilst implementing a train-to-fail mind set. Using a cyber-range allows businesses to push their cybersecurity defence systems to their limits, placing businesses in a better position to defend and recover when a real cyberattack occurs.

How much of AI and automation is now key to successful detection and remediation in different cybersecurity solutions?

Automated cybersecurity processes in cyber range environments can allow the enhanced customisation of reusable range elements. This allows for the adaptability of ranges to suit a myriad of business needs – if an organisation wants to test a defined part of the network or against specific techniques, they can.

The importance of automation in these cybersecurity elements lies in the agile nature of attackers. Businesses need solutions that can adapt to new tactics and techniques, utilising automated knowledge bases such as MITRE ATT&CK, reducing the time to test and validate their performance against the latest attacks and vulnerabilities.