Cyber resiliency is key to remodeling your cyber plan
- By Joe Richard
- May 18, 2020
In the hit HGTV series “Fixer Upper,” the goal isn’t to renovate a house by completely tearing it down and rebuilding. Instead, professionals are brought in to keep the existing foundation and structure and make some improvements. This same principle can be applied to enterprise cybersecurity.
When agencies don’t need a massive security overhaul -- just some improvements -- they should consider cyber resiliency to deliver the renovation they need. Cyber resiliency enhances traditional cybersecurity tools by ensuring mission-essential functions and operations can be conducted even when an adversary has penetrated an agency’s defenses and compromised its network.
Cyber resiliency tools can protect mission-critical systems from advanced attacks when an adversary has obtained access to a system. For example, agencies can invest in tools to protect the integrity of the software layer in critical systems by preventing unauthorized or modified applications from executing on a protected system. Or they can invest in solutions that use decoys, false paths and active defenses to prevent unauthorized access, removal or reverse engineering of sensitive data.
Although ensuring cyber resiliency requires some upfront investment, the cost of implementation is far less on a lifecycle-cost basis than relying solely on traditional cybersecurity techniques. Cyber resiliency enables organizations to withstand sophisticated cyberattacks avoiding data loss, down time and lost revenues.
Here are a few simple and cost-effective ways organizations can keep their current infrastructure while enhancing their cyber resiliency.
From invasions to failed inspections
It’s critical that agencies assume a hostile actor has already penetrated their defenses and secured escalated privileges. Adversaries are increasingly stealthy and adaptable, making it difficult to mitigate and completely eradicate the threat. By investing in cyber resiliency, agencies can, however, slow an adversary’s movement while still executing its mission.
Additionally, given cyber criminals’ skills, it is also important that agencies follow a data-centric, zero-trust approach that features encryption of users and devices to inoculate against potential weak links in the chain. By defaulting to a zero-trust environment, agencies can ensure that access is closely controlled and that identities and their attributes are verified at throughout the data lifecycle.
Grab your tool belt
Once agencies are confident in the foundation of their systems, it’s time for some light renovations -- investing in tools that ensure resiliency and keep agencies ahead of the attacks. To remain proactive, agencies should consider a multi-layered defense that addresses the unique protection needs across the hardware, software and communications layers to provide a comprehensive solution.
- Communications/network protection gives agencies tools for real-time analysis, detection and reporting of threats and anomalous activity.
- Operating system/software protection allows agencies to protect the integrity and confidentiality of critical applications and data and automate cyber event detection and responses.
- Hardware-level protection validates the integrity of hardware and firmware while preventing modifications of board initialization, system firmware and OS bootloader code.
Just as a solid foundation to a house is essential to a successful fixer-upper project, traditional information assurance controls and policies are a great first step for good security hygiene. However, they are not effective protection against advanced access and privilege threats, making a multilayered defense essential for adding resiliency to these critical systems.
Resiliency is built by establishing and extending trust through every layer of an enterprise from the critical hardware infrastructure all the way out to the data on the network. By integrating tools spanning multiple vantage points on a system, agencies can finally fight through an attack to keep their missions going. With some renovations in the form of cyber resiliency, agencies can ensure a stronger security posture.
Joe Richard is manager of the cyber resiliency portfolio, at Raytheon Intelligence & Space.