In light of the cost and consequences of downtime, small and midsize businesses (SMBs) need to think about more than just cyber security. Now more than ever, it’s important for SMBs and the MSPs that support them to invest in a comprehensive cyber resilience strategy. In this post, we’ll discuss the difference between the two and how you can improve your business’s cyber resilience strategy.
What is cyber resilience and why it’s important
The ability to recover from adverse events – such as a ransomware attack – and return to normal operations is referred to as “cyber resilience.” Achieving higher levels of cyber resilience is a priority for any business that relies on access to data. When employees can’t access data, whether it’s stored on the network or on their own company-issued devices, the result is more than lost productivity. Downtime and system interruptions can affect your interactions with customers and partners. It could cause you to lose out to a major competitor during a key phase of negotiations, and result in damaged reputation and lost credibility. When downtime occurs repeatedly, it drains IT resources and takes IT staff away from other key strategic priorities. That’s why, when you estimate the true cost of downtime, you have to factor in more than just the hourly cost of users who are directly impacted. It’s also why there’s a clear justification for investing in a comprehensive business cyber resilience strategy.
What’s the difference between cyber resilience vs cybersecurity?
Cybersecurity and cyber resilience are related concepts, but they’re not synonymous. While there are some areas of overlap, it’s important to distinguish between them, because the areas where they’re different can shine a spotlight on vulnerabilities that businesses should address.
Generally speaking, cybersecurity is primarily a preventive measure while cyber resilience encompasses both pro-active prevention in addition to reactive recovery (of files and data) and system restore. Cybersecurity includes defenses that are designed to identify, prevent and quickly respond to attacks before they can cause damage. These include network-level protection, antivirus, anti-phishing and even security awareness training – all measures designed to prevent bad actors from disrupting your business.
While cyber resilience encompasses preventive protection, it also considers purpose-built measures designed to mitigate threats to data after they’ve impacted the system. This includes built-in redundancy and methods for ensuring business continuity. Intrinsically, cyber resilience accepts that there’s no way to prevent 100 percent of threats to systems and data. Data loss and downtime – whether due to criminal activity, user error, hardware failure or natural disaster – can occur anytime, even with comprehensive preventive measures in place.
You can measure the efficacy of cybersecurity by the percentage of attacks thwarted and breaches prevented, whereas the measure of cyber resilience success includes recovery time (RTO), recovery point (RPO) and total system uptime.
With these important definitions and distinctions established, let’s look at a few important best practices for improving business cyber resilience through a multi-layered approach.
5 tips to improve cyber-resilience for SMBs
Tip #1: Fortify your weakest link: people
Phishing attacks continue to be the primary vector for malware distribution. Deceptive emails, attachments and web links deceive employees into downloading malicious code. As methods become more sophisticated, it becomes increasingly important to educate employees about what to watch out for and what behaviors to avoid. Ongoing security awareness training ensures employees are trained with phishing simulations, IT and security best practices, and data protection and compliance requirements. These courses are designed specifically to reduce the risk and rate of infections, and integrate a cyber resilience strategy at one of your most vulnerable access points.
Tip #2: Advanced threats require advanced antivirus
There’s no doubt, cybercriminals can be smart and well-organized. As businesses become more effective at identifying potential threats, hackers have adapted their tactics to evade network firewalls and other defenses. These evasion techniques have made it necessary for businesses to deploy internet security with threat intelligence to identify malicious attacks that otherwise look benign. An advanced business antivirus solution uses innovative technology to detect, block and remediate (by quarantining) malicious attacks that evade other, less sophisticated antivirus solutions.
Tip #3: Deploy backup policies for all business data
Businesses owe it to their customers, partners and stakeholders to have a cyber resilience plan in place that addresses the full range of data loss scenarios, including malware, accidental or malicious deletion, hardware failure and natural disasters. Since detecting and remediating data loss can be time-consuming, it’s essential to have copies of files and data for business continuity. Scheduled backup with file versioning is essential for mitigating specific types of malware, like ransomware. With backup and file versioning, you can recover a clean version of a file as it existed before the infection took place. The scheduling feature is important since leaving it up to users will eventually lead to data loss. Scheduled backup with file versioning can mean the difference between paying tens of thousands of dollars in ransom, and full recovery with no ransom payment.
Tip #4: Use the cloud to ensure remote file access
Keeping backups on-site accelerates recovery in most disaster scenarios. As an additional measure of cyber resilience, however, it’s also important to keep backups in the cloud. With so many employees working from home, having remote access to files has proven to be essential for business continuity. By keeping backup copies in the cloud, it allows users to access files remotely if there’s ever a disruption to the local network or a local site disaster. Ensuring cloud backup for servers and endpoints is essential to any cyber resilience plan. The cloud has proven itself as a vital resource for improving IT resilience through agility, which is why the ability to migrate to the cloud has also become a critical business capability.
Tip #5: Test recovery strategy regularly
It’s often said that there’s no backup without recovery. To make sure you can recover files and systems when it really matters, it’s important to test disaster recovery practices and procedures so you know you can achieve the recovery objectives for the business through enhanced cyber resilience. Disasters can be small or large. So, it’s important to have a cyber resilience health check and test simple file and folder recovery as well as large-scale system recovery. Some systems are more critical than others. For ultra-critical, tier-one systems where disruptions can be catastrophic, there’s disaster recovery as a service, which offers a secondary environment that allows for frequent testing of disaster recovery protocols. Whichever technology you deploy, a good testing guideline is once every quarter or, at a minimum, once a year to ensure the business can be cyber resilient when necessary.
Many businesses have already learned the hard way that data loss and downtime aren’t a matter of if but when. But it’s not a total disaster if you use the disruption as a learning opportunity and instigator for improving the resilience of your systems. Learn more about our cyber resilience solutions or sign up for a free trial here.
