Cyber resilience is the new standard for IT systems
Cybersecurity attacks are now an inevitability. In 2018, the Directive on Security of Network and Information Systems (NIS Directive) will require organisations within the EU to meet a robust level of ‘cyber resilience’. But what exactly is it? David A. Cohen, founder and CEO of blockchain based cybersecurity company Dcntral and advisor to Hashgraph, explains that there are many ways to talk about cyber resilience. Ultimately, he describes it as the convergence of blockchain and Artificial Intelligence to enable trusted, safe, and autonomous behaviour. But what can companies do to become more cyber resilient, and how will it impact the war on cybercrime?
4 steps to increased cyber resilience
Cyber resilience demonstrates a change in the way that cybersecurity issues are viewed. Instead of hoping they won’t be attacked, businesses are beginning to accept that cybercrime is the norm. Prevention is certainly better than cure, but it’s safest to assume that a cyber breach will happen. This way, companies have a better handle on the situation if and when it does arise.
So, what can businesses do to improve their level of cyber resilience? Cohen advocates a fundamental, four stage approach – protect, learn, adapt and trust. Alongside this, companies can leverage a range of different technologies.
“There are offerings across the board and far too many to list as it based on what you are trying to protect. With the advent of the Internet of Things, there is a very large increase in cyberattack vectors. Organisations should understand the various attack vectors including network services, cloud interface, mobile interface and web interface. Once an organisation understands the attack vectors it can start to focus on what solutions to consider.”
Dcntral, for example, uses Hashgraph to allow internet users to collaborate securely online without the need for a trusted third party. This also includes making transactions.
“The Hashgraph platform provides an elegant, innovative, and new form of distributed consensus,” he says. “The platform is lightning fast, secure, fair, and unlike some blockchain based platforms, doesn’t require compute heavy proof of work. Hashgraph fits into the equation wherever there is a need for distributed consensus to support smart transactions between nodes.
A cyber resilient culture
So, the first part of building a cyber resilient business strategy is to accept that a breach is likely to happen. The next step for businesses is to apply innovative technologies to come up with a response to ensure, despite the damage caused, that the organisation ultimately survives. AI and blockchain, already two hotly debated technological tidal waves, have emerged as invaluable tools. Attitudes, however, are arguably just as important as advanced tech. Dcntral, for example, aims to deliver an open source, accessible service to help to protect enterprises.
“As we are launching an open source version of our platform which will evolve over time, we expect to be compatible with any existing firewall or security system already in place. We also expect to collaborate with global entities in terms of standards and open source solutions over time.”
Organisations across the scale have a responsibility to build up cyber resilience, but so do individuals. Encouraging the societal development of a cyber resilient culture will require the commitment of both time and resources. Fortunately, official organisations are becoming increasingly involved in understanding and strengthening cybersecurity. It’s just as well, given that cybersecurity has emerged as perhaps the biggest challenge of the digital age.
“Cybersecurity should be a base protocol of the emerging Internet of Everything (IoE) where people, processes and devices will be connected to the internet. Without this fundamental layer, enabling safe transactions will be difficult to achieve.”
Cyber resilience represents a new movement in business management that accepts the gravity of cybercrime while putting in a prescriptive plan to survive it. The entrenched cybersecurity measures of firewalls and antivirus software are, unfortunately, no longer relevant. As such, organisations should pursue sophisticated strategies that monitor, manage and manipulate IT systems so that even when attacks occur, the infrastructure is able to recover. Building cyber resilience should be something that all businesses and individuals prioritise, and at the very least consider. Thanks to the NIS Directive, many of them will have no choice.
Is your business cyber resilient? What could you do to improve your own personal cyber resilience? Have cyberattacks become inevitable? Please share your thoughts.
Sign up for our free newsletter to receive more information about how to improve your business’s cybersecurity.