By Marcus Almeida, Inside Sales & SMB manager at McAfee
Resilience is the ability to return to the natural state after having undergone some critical action, the ability to recover and adapt to changes. Recently, authors and scholars in the technology area coined the term “digital resilience”, related to the fact that companies must face risk, survive threats and reduce the damage caused by cyber attacks as much as possible.
Not long ago, the focus of corporate security was to avoid risk at all costs, stop threats and block attacks before they happen. However, cybercrime has evolved so much and threats have expanded to such an extent that it is no longer possible to contain the risk. In one way or another the attack will happen, it is up to companies and IT teams to face the situation and move forward with the least possible damage.
Currently, all companies, large and small, are part of a large global production chain and by entering this chain they are already taking the risk. Even if it were possible to shield a company from all threats, some of its data would, at some point, be shared with partners, customers, suppliers, financial institutions, outsourced employees, among others, and all of them are also subject to attack.
A corporation may have a very well-planned security strategy, but it can be largely affected if one of its suppliers, distributors or service providers, regardless of size, suffers some type of attack, as they are all connected.
A cyber attack can really destroy a company by blocking access to important data, leaking strategic information, corrupting financial data, etc. In addition to stopping the operation, it can also seriously affect the company's credibility. With thousands of new threats being created each day, the most important thing in the current scenario is not to avoid the risk, but to be prepared to react to the attacks.
Every security strategy must be designed considering a tripod: people, processes and technology. The technology only comes in when the other two points are already working. Without defined processes and without aware and well-trained people, technology has no effect. Several forms of complex and advanced attacks threaten companies, but most of the time, it is by clicking on a fraudulent email that we open the door for cybercriminals. Education and awareness are already having a significant effect and with little investment.
There are a number of measures capable of reducing damage in the event of an attack. The first rule is to maintain an efficient data classification process: to define which data are most critical for the business and to take care of what can or cannot be shared, to know where each information is and who has access to each critical data. In addition to the classification, it is necessary to know the information traffic, encrypt the most strategic data, invest in technologies against advanced threats at the endpoint and also never give up web filtering.
Security vendors are also adapting to the changes, creating tougher and tougher components to withstand the stride. Automated solutions, integrated platforms and increased collaboration in the sector are also among the points that must be considered to increase security and make companies more resilient.
Security needs are changing rapidly. The focus is not only to manage but to live with risk, the job of security is no longer to prevent risk, but to treat it intelligently, to assess very well what the vulnerabilities are and to avoid the compromise of catastrophic data.