As attacks become more frequent and sophisticated, and breaches more severe, Canadian businesses are beginning to take cyber resilience more seriously. However, key cybersecurity weaknesses still exist, including poor incident response planning and lack of employee awareness training.

Cyber resilience is a company’s ability to detect and respond to cyber threats in a timely and effective manner so that companies can resume operations, says Theo Van Wyk, Chief Technology Officer for Security at Scalar Decisions. “Our methodology is to prepare, defend, and respond — prepare a plan based on the company’s threat risk assessment, defend against breaches with the right technology, and, if one occurs, respond quickly and return back to a trusted state.”

The role of the C-suite

Though traditionally tucked under the IT umbrella as a security concern, a cybersecurity strategy should involve the C-suite in its design and implementation.

“Executives need to become more proficient in defining business threats, risks, and requirements for IT to properly set up a defence strategy,” Van Wyk says. “In turn, IT has to articulate their challenges as business requirements, so cybersecurity is integrated into the overall business strategy.”

Executives should also foster a culture of awareness and preparedness within their organization, and ensure that staying secure is everyone’s responsibility.

A multi-layered strategy that focuses on people, processes, and technology is crucial for cyber resilience, says Van Wyk. Yet many Canadian organizations are failing to appreciate employee risk. “Employees are often the easiest targets for hackers, yet most organizations don’t provide sufficient training to reduce the risk of human error,” he says. In fact, only 26 percent of Canadian companies train their employees to identify security attacks, such as phishing scams, or to update security software, according to the 2018 Scalar Security Study.

With digital transformation comes the rise of devices built around the Internet of Things (IoT) and the erosion of traditional workplace parameters. “Access to the cloud anywhere, anytime, and on any device renders network control less and less effective, and significantly increases vulnerability,” Van Wyk says. “Companies need to pursue solutions that provide advanced protection across all endpoints and all applications.”

Returning to a trusted state

Despite precautions, breaches can and do happen. Fortunately, solutions exist to protect sensitive data and quickly get organizations to business as usual.

Disaster Recovery as a Service (DRaaS) solutions help businesses ensure data security on the cloud. They’re based on company data, which helps ensure the solution will work effectively within the company’s cyber environment. Businesses define their recovery time objective (RTO) and their recovery point objective (RPO); the RTO dictates how quickly the company needs to have services back up after a breach, and the RPO dictates the safest point to back up the system. “It’s scalable to any type and size of business,” adds Van Wyk.

Containerization is another method of eliminating malicious programs from a cloud network. “It’s a way of splitting apps and functions into small pieces so they can run on their own,” explains Van Wyk. “They’re not interacting with the whole system, so if there’s a breach, it can be contained more effectively.” By conducting a threat risk assessment and developing a security plan, organizations can lose less data and suffer less downtime.

The sophistication of cybersecurity threats will only increase, so it’s critical that organizations keep up. One-fifth of smaller companies surveyed in Scalar’s study rated their security resources as ineffective at protecting against attacks

Van Wyk says that working with an external partner can be an efficient way for smaller companies to close security gaps. “Bringing in outside services with solution, technology, and process experience can supplement in-house security departments,” he says.