How confident are you that your business will continue to operate in the event of a cyberattack? How would you recover? What would be the impact?

IT security and business continuity leaders often face these questions from their chief executives or boards. In all likelihood, they often ask themselves these questions. A strong cyber resilience strategy that provides a unified approach combining cybersecurity with data protection and disaster recovery methods can help businesses protect against and rapidly recover from disruptive cyber incidents.

In September 2020, a crippling malware attack brought down the computer systems of one of the largest hospital chains in the United States. The company had to shut down all remaining systems used for medical records, laboratories and pharmacies across nearly 250 facilities to prevent further spread of the malware. It also had to cancel surgeries and divert ambulances, while its healthcare workers switched to paper records for patients.

Around the same time, a hacker released private and confidential information on students after school district officials refused to pay ransom in return for unlocking district computer servers he had hacked into and encrypted.

Such breaches could happen to large enterprises, even those with robust security technologies in place. Today’s malware can affect systems and networks even if they seem fully patched, leading to high financial costs. For example, in April 2020 a multinational IT services company confirmed that its network was hit with Maze ransomware that encrypted its servers, disabled tools used to automate and provision devices, and inhibited work-from-home capabilities. The initial financial impact to the company was estimated to be in the range of $50 million to $70 million.

According to a recent survey by IDC, the average cost of downtime exceeds $200,000 per hour. This cost estimate includes actual loss of revenue and cost of recovery, but doesn’t include regulatory penalties, loss of reputation and long-term brand damage.

Managing complex challenges and risks

Most cybersecurity programs continue to be hamstrung by organizations’ traditional perspective of investing in prevention technologies. This is largely due to their inability to fully evaluate the complex landscape of risks and threats – often manifested in deployment of multiple point solutions that generally have a shorter shelf life. This challenge can be aggravated by the unintended vulnerabilities created by digital transformation, IoT adoption and hyper-convergence.

A large number of organizations still have aging infrastructures and processes, which makes it challenging to segment their critical workloads from other workloads using legacy network infrastructure. While many organizations have business continuity and disaster recovery plans, their existing configurations may not allow for easy recovery because they were not designed to be resilient against destructive cyberattacks. In addition, existing incident response plans and playbooks may not be effective against evolving cyber threats.

And it doesn’t stop there. Let’s look at some of the other risks and challenges:

  • Cloud migration: The trend of workload migration to cloud is rapid and pervasive. But most organizations face challenges understanding dependencies and prioritizing what data and workloads to protect.
  • Shadow IT: The pressure for innovation and faster time to market, BYOD and the simplicity and agility of public cloud experience, coupled with legacy central IT procurement processes, fuel increased use of shadow IT.
  • Shortage of skills: Many recent studies point to a worsening cybersecurity skills shortage that may impact business and government organizations globally.
  • Organizational silos: Cybersecurity, business continuity and the teams that own systems and applications are siloed and have difficulty collaborating to solve critical problems.
  • Boardroom sponsorship: While the board needs access to cyber expertise for budget allocation and risk oversight and governance, security and business continuity leaders often struggle to translate IT risks into a business language the board understands.

Why build resilience?

Cybersecurity technologies have evolved by leaps and bounds during the past few years. We are getting better at securing our network perimeters, and threat intelligence today is powered by AI and machine learning. But adversaries are now as equipped and resourceful as legitimate business organizations – and they only need to get it right once, while we need to be right all the time. In the recent IDC survey, 73% of respondents indicated that they had experienced major security breaches of their IaaS environments in the past two years that involved the spending of significant extra resources to rectify. In fact, the median number of breaches in that time frame was 2.0.

With attacks becoming more malicious and techniques more advanced, the strategies and plans to mitigate the impacts of such attacks must also change. Businesses need new technologies and practices to survive and adapt to today’s cyber outage scenarios. Traditional recovery plans must change to support these new scenarios, and it will require new thinking and teaming between disaster recovery and security teams.

As IT and information security executives struggle to determine the appropriate technology areas to spend their limited budgets on, it is imperative that they take a holistic view of IT risks and build a robust cyber resilience program to keep their business processes and operations functional during and after a cyberattack. With a cyber-resilient environment, IT can be at the forefront of fostering relationships with business leaders and partnering with them to confidently drive their digital transformation journey forward.

Minimize the business impact of cyber attack by recovering quickly with an orchestrated resilience approach

Was this article helpful?

More from Business transformation

Business process management (BPM) examples

7 min read - Business Process Management (BPM) is a systematic approach to managing and streamlining business processes. BPM is intended to help improve the efficiency of existing processes, with the goal of increasing productivity and overall business performance. BPM is often confused with other seemingly similar initiatives. For example, BPM is smaller in scale than business process reengineering (BPR), which radically overhauls or replaces processes. Conversely, it has a larger scope than task management, which deals with individual tasks, and project management, which…

Using generative AI to accelerate product innovation

3 min read - Generative artificial intelligence (GenAI) can be a powerful tool for driving product innovation, if used in the right ways. We’ll discuss select high-impact product use cases that demonstrate the potential of AI to revolutionize the way we develop, market and deliver products to customers. Stacking strong data management, predictive analytics and GenAI is foundational to taking your product organization to the next level.   1. Addressing customer inquiries with an AI-driven chatbot  ChatGPT distinguished itself as the first publicly accessible GenAI-powered…

Integrating AI into Asset Performance Management: It’s all about the data

3 min read - Imagine a future where artificial intelligence (AI) seamlessly collaborates with existing supply chain solutions, redefining how organizations manage their assets. If you’re currently using traditional AI, advanced analytics, and intelligent automation, aren’t you already getting deep insights into asset performance? Undoubtedly. But what if you could optimize even further? That’s the transformative promise of generative AI, which is beginning to revolutionize business operations in game-changing ways. It may be the solution that finally breaks through dysfunctional silos of business units,…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters