Plenty of people have written about the rising cost of doing business. Many executives are focused on putting capital into one of two places: revenue-generating activity, or retained earnings so the business can survive a widely expected recession. A financial buffer and a healthy revenue pipeline are simply sound management. But what about risk?
The Australian Signals Directorate responded to over 1,100 cyber security incidents in FY2023; the graph below shows the top 10 sectors impacted. Failing to incorporate cyber resilience in risk management strategies could add your business to this statistic in future years. Investing in cyber resilience goes beyond mere defence; it’s a strategic imperative to protect core operations, sustain customer trust, and maintain a competitive edge in a market where digital risks are continually evolving.
Top 10 sectors impacted by cyber security incidents in FY2023.
How do we define cyber resilience?
Cyber resilience is an organisation’s ability to continue operating despite cyber security incidents. It goes beyond preventing attacks to include effective operations during a compromise and quick recovery afterwards. It means a business can sustain essential functions with little or no downtime during and after a cyber attack.
Cyber resilience requires a combination of the right technology, processes, and trained personnel. These elements reduce operational, financial, and reputational damage by enabling quick identification, response, and recovery from cyber attacks.
A comprehensive cyber resilience strategy involves the entire organisation, including leadership, staff, partners, third-party suppliers, and customers. It focuses on proactively managing risks, threats, and vulnerabilities, especially those affecting critical information and systems.
Why should your business focus on building cyber resilience?
Increased organisational risks
Risks have increased regardless of organisation size. CrowdStrike's 2023 Global Threat Report documented a rise in adversary activity during 2022, with major year-on-year (YoY) increases in activity targeting organisations. For example:
- 312% increase in adversaries using well-known IT remote monitoring and management (RMM) applications. Legitimate RMM tools already present in the environment let attackers blend into normal administrative traffic and avoid detection.
- 147% increase in compromised valid accounts listed for sale on underground communities.
- 80% increase in hands-on keyboard intrusions into financial organisations.
In addition, IBM’s 2023 Cost of a Data Breach Report estimates that 82% of breaches involved data stored in cloud environments. Public, private, hybrid; it didn’t matter.
Business size does not stop threat actors
Too many small to medium businesses operate under the misconception that threat actors only target large enterprises. In reality, size does not deter threat actors; if there is an opportunity, they will exploit it. Attackers increasingly automate their operations, including with AI and machine learning, which makes smaller targets worth their effort and leaves small and medium-sized businesses more exposed than ever. The ASD's latest Cyber Threat Report shows that the average cost of cyber crime per report rose by 14% in FY2023, to $46,000 for small businesses and $97,200 for medium businesses.
Adding up data breach costs
A Cohesity report surveying IT and/or SecOps decision-makers from over 3,400 organisations across APAC, the EU, the UK, and the US found that 71% of respondents expected recovery from an attack to take a business week or more, and 41% expected it to take longer than that. IBM's statistics show that the average time to identify a breach is around 204 days, with a further 73 days to contain it: 277 days in total, roughly a year of business days.
Many articles across the internet quote a figure that 60% of companies suffering a cyber breach go under within six months. The statistic comes from a 2018 article, so treat the exact number with caution, but there is no reason to think the underlying risk has shrunk since then. Perhaps more importantly, the comment appeared on an Australian site focused primarily on small to medium enterprises.
What is needed to strengthen cyber resilience?
These facts paint a bleak picture but shouldn’t mean a throw-your-hands-in-the-air moment. Investing in cyber resilience now can save your business from financial and reputational damage in future. Focusing on these three elements will build organisational resilience:
Cyber security protections
Implementing effective protections is the first step: email security, endpoint monitoring, and vulnerability management. Add user access management to protect sensitive data and systems and to log what users do with them. Assess and address vulnerabilities promptly, because determined threat actors will seek to exploit them.
Even the right protections won't hold up 100% of the time. You need detection for the times a threat bypasses your defences or originates from within. Detection should monitor for suspicious activity from both external and internal accounts that access your organisational data: an account authenticating from an unexpected location, or legitimate administrative tooling appearing where it has no business being. Such activity can indicate that an attacker has compromised someone's account, or that you have an insider threat, such as a disgruntled employee looking for a little payback. Detecting threats early lets you address breaches sooner and limit their impact.
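To make the two detection signals above concrete, here is a small Python sketch, added as an illustration for this article and not code from the original page or from recon's own tooling. It runs two rules over constructed events: an RMM tool executing on a host outside an approved set (the "blending into background noise" problem noted earlier), and a valid account signing in from two countries within a short window. The tool names, hostnames, users, countries and timestamps are all invented, as is the event layout; a real deployment would read these fields from an EDR or identity provider.

```python
"""Two toy detections over constructed telemetry (added example, not the article's code)."""
from datetime import datetime, timedelta

# Hypothetical allowlist: RMM binaries are expected only on the IT team's jump hosts.
RMM_TOOLS = {"anydesk.exe", "screenconnect.clientservice.exe", "atera.agent.exe", "teamviewer.exe"}
APPROVED_RMM_HOSTS = {"it-jump-01", "it-jump-02"}

# Constructed process-creation events: (timestamp, host, user, image)
PROCESS_EVENTS = [
    ("2024-03-04T09:12:00", "it-jump-01", "svc_it", "anydesk.exe"),   # expected: IT jump host
    ("2024-03-04T22:47:10", "fin-ws-17", "j.smith", "anydesk.exe"),   # RMM on a finance workstation, late at night
    ("2024-03-04T10:05:00", "fin-ws-17", "j.smith", "excel.exe"),     # ordinary activity
]

# Constructed sign-in events: (timestamp, user, country, result)
SIGNIN_EVENTS = [
    ("2024-03-04T08:55:00", "j.smith", "AU", "success"),
    ("2024-03-04T10:20:00", "j.smith", "NL", "success"),   # 85 minutes later, other side of the world
    ("2024-03-04T09:00:00", "a.wong", "AU", "success"),
    ("2024-03-04T18:00:00", "a.wong", "AU", "success"),
]


def parse(ts: str) -> datetime:
    return datetime.fromisoformat(ts)


def detect_unexpected_rmm(events, tools=RMM_TOOLS, approved_hosts=APPROVED_RMM_HOSTS):
    """Flag RMM tool executions on any host outside the approved set."""
    alerts = []
    for ts, host, user, image in events:
        if image.lower() in tools and host not in approved_hosts:
            alerts.append({"rule": "rmm_on_unapproved_host", "time": ts,
                           "host": host, "user": user, "image": image})
    return alerts


def detect_impossible_travel(events, window=timedelta(hours=4)):
    """Flag consecutive successful sign-ins by one account from different countries within `window`.

    Events are sorted by ISO timestamp first so the comparison is against the true previous sign-in.
    """
    alerts = []
    last_seen = {}  # user -> (timestamp, country) of the most recent successful sign-in
    for ts, user, country, result in sorted(events, key=lambda e: e[0]):
        if result != "success":
            continue
        prev = last_seen.get(user)
        if prev and prev[1] != country and parse(ts) - parse(prev[0]) <= window:
            alerts.append({"rule": "impossible_travel", "time": ts, "user": user,
                           "from": prev[1], "to": country,
                           "minutes_between": int((parse(ts) - parse(prev[0])).total_seconds() // 60)})
        last_seen[user] = (ts, country)
    return alerts


def run_detections(process_events=PROCESS_EVENTS, signin_events=SIGNIN_EVENTS):
    """Run both rules and return the combined alert list."""
    return detect_unexpected_rmm(process_events) + detect_impossible_travel(signin_events)


if __name__ == "__main__":
    for alert in run_detections():
        print(alert)
```

Both rules are deliberately simple: the point is that each one keys on a legitimate action (a supported admin tool, a valid password) happening in a context that does not fit, which is exactly what a compromised account or an insider looks like in the logs. In practice the allowlist and the travel window would be tuned to your environment, and the alerts would feed a triage queue rather than a print statement.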
Adapting tactics to new threats
The statistics quoted above show that cyber security threats keep evolving, and so should your cyber resilience tactics. Cyber resilient organisations don't settle for the techniques that worked last year; they revisit their strategy and deploy adjustments quickly. Your organisation should therefore review and update its cyber security strategy regularly in response to new threats. For example, the NIST Cybersecurity Framework was recently revised (CSF 2.0, released in February 2024, adds a Govern function alongside the original five); framework changes like this are a natural prompt to revisit and realign your strategy.
Resilience ensures operational continuity during and after cyber attacks. The strategy goes beyond technology to involve the entire organisation, including leadership, staff, and external partners. As risks continue evolving, so should your strategies to protect the organisation. For this reason, you should revisit cyber resilience tactics regularly to ensure your business has the right protections.
Build cyber resilience with recon
What is clear is that, to protect our organisations, we need to invest in cyber resilience to address ongoing threats. Bringing these capabilities in-house, however, isn't always a viable option.
recon’s managed cyber services give you access to the knowledge and skills for a full cyber security team that enhances resilience and achieves continuous outcomes without the costs of an in-house team. Visit our Cyber Security Services page for more information.