A survival guide for security teams

On the shore of St. Augustine, Florida, there’s an old Spanish fort that withstood two prolonged sieges in the 18th century. Despite heavy pounding by cannon fire, the fort’s walls stood strong. Their secret? The walls were built with coquina, an aggregate of seashells, coral, and limestone that absorbs cannonballs like a sponge instead of cracking like regular stone.

Some cybersecurity providers would have you believe that repelling all attacks and intrusions is the purpose of their products and services.

The truth is that no system is 100% impenetrable.

More important than impregnable defenses is cyber resilience. That’s the ability of your IT systems to recover quickly from an attack and get back to normal business.

Resilience ensures that your defenses become like the Spanish fort’s walls—rolling with the punches instead of cracking under cannon fire.

How to improve your cyber resilience

  • Get the company leadership on board.
  • Get the auditors on board too.
  • Get the leadership, IT, and security teams on the same page.
  • Adopt an “assume-breach” mentality.
  • Allocate more budget to recovery and resilience.
  • Clearly document disaster-recovery plans.
  • Have a specific plan to recover and rebuild your Active Directory.
  • Clearly define team roles and responsibilities.
  • Improve communication among teams.
  • Include stakeholders from all teams in recovery exercises.
  • Set up out-of-band communications.
  • Run full recovery drills, not just tabletops.
  • Train, train, train.
  • Make recovery and resilience part of the company culture.
  • Don’t forget third-party risk.
  • Don’t be afraid to ask for help.