Cyber firms need to centre their own resilience

Information security is essentially an information risk management discipline. By rendering many information systems inoperable, the global outage precipitated by Crowdstrike prevented several companies from accessing critical business information due to unplanned and extended downtime.

The unavailability affected not only information systems but also the related information processing. It was not only an information risk event but also an information security incident, and its impact was high from operational, financial, reputational, legal, technological and even regulatory perspectives.

This Crowdstrike security incident most definitely represents a […] between vendors and their customers. So what needs to be done to restore this trust?

The wrong

Automation of testing is an area where many organisations are routinely failing. For startups especially, it’s not uncommon to automate testing internally and then to quickly release updates to remediate any bugs – essentially using their customers as quality assurance (QA).

However, in recent times, more companies are incorporating this practice as part of their ‘agile methodology’ or to drive CI/CD pipeline efficiency and quickly scale the business.

More and more security companies are promising ‘Swiss army knife’ solutions whereby they provide automated updates and take over the ongoing maintenance cycles from businesses.

The potential disaster is an automated update, tested only partially or fully by automation, that ships with defects the automated tests did not catch, resulting in mass outages at businesses in critical sectors and threatening public safety.

The right

From the outset, many companies experiencing a major security incident are generally transparent with all their stakeholders – customers, partners, staff and investors.

Crowdstrike, for example, did a solid job in this respect. They admitted they were at fault, and quickly worked with their own teams and […]’s teams to develop a fix. Crowdstrike executive management also led the charge in reaching out to several customers offering assistance with remediation and recovery. They conducted a thorough root cause analysis (RCA) and have been somewhat transparent about where their security controls failed.

The company has committed to an action plan, which includes enhancements to people, process, and technology. They also seem prepared for increased regulatory intervention and oversight, especially given the incident had a material impact on critical sectors. For example, in the European Union (EU), legislation such as the Digital Operational Resilience Act (DORA), the Network and Information Security (NIS2) Directive, and the Cyber Resilience Act will demand that Crowdstrike provide assurances to lawmakers that such incidents will not happen in the future.

What can we do better?

Going forward, organisations need to put a greater focus on business resilience, specifically around business continuity management (BCM), disaster recovery, third-party risk management (TPRM), and incident management.

Risk monitoring for multiple scenarios, including supply chain issues, is a first step. These can be added to existing risk registers, business impact analyses (BIAs), and risk and control self-assessments (RCSAs).

Broader risk treatment plans can encompass, but are not limited to, greater scrutiny around product security in third-party risk assessments, more rigorous testing for vendor updates (yes, even updates from endpoint detection tools), disabling of auto-updates where feasible, staggered deployments of vendor updates, updates to incident playbooks and disaster recovery plans to address third-party risks, and the inclusion of risk simulations for third-party security incidents in cybersecurity exercises.
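The staggered-deployment and "test vendor updates yourself" measures in that list can be made concrete with a ring-based rollout gate: the update goes to a small canary ring first, a post-update health check is evaluated, and the rollout halts before the next ring if the failure rate exceeds a threshold. The following Python is an added example written for this page, not code from the article or from any vendor; the fleet of host names, the ring sizes, the 5% halt threshold and the two simulated update outcomes are all constructed for illustration.

```python
"""Ring-based staged rollout of a vendor update with an automatic halt gate.

Added example; not code from the article or from any vendor. Host names,
ring sizes, the health-check callbacks and the 5% failure threshold are all
constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Tuple

# Constructed fleet of 100 endpoints: host-000 .. host-099.
HOSTS = [f"host-{i:03d}" for i in range(100)]


@dataclass
class RolloutResult:
    deployed: List[str] = field(default_factory=list)  # hosts that received the update
    failed: List[str] = field(default_factory=list)    # hosts whose post-update health check failed
    halted_at: Optional[str] = None                    # ring whose gate tripped, or None


def plan_rings(hosts: List[str],
               early_rings: Tuple[Tuple[str, int], ...] = (("canary", 5), ("pilot", 20))
               ) -> List[Tuple[str, List[str]]]:
    """Split the fleet into ordered rings; whatever is left forms the final 'broad' ring."""
    rings: List[Tuple[str, List[str]]] = []
    start = 0
    for name, size in early_rings:
        rings.append((name, hosts[start:start + size]))
        start += size
    rings.append(("broad", hosts[start:]))
    return rings


def staged_rollout(rings: List[Tuple[str, List[str]]],
                   apply_update: Callable[[str], bool],
                   max_failure_rate: float = 0.05) -> RolloutResult:
    """Apply the update ring by ring.

    After each ring, that ring's health-check failure rate is compared with the
    gate. If it is exceeded, the rollout stops before the next ring, so the
    blast radius is bounded by the size of the ring that tripped the gate.
    """
    result = RolloutResult()
    for name, ring_hosts in rings:
        ring_failed = []
        for host in ring_hosts:
            result.deployed.append(host)
            if not apply_update(host):  # False = host unhealthy after the update
                ring_failed.append(host)
        result.failed.extend(ring_failed)
        rate = len(ring_failed) / len(ring_hosts) if ring_hosts else 0.0
        if rate > max_failure_rate:
            result.halted_at = name
            break
    return result


def good_update(host: str) -> bool:
    """Constructed outcome: the update installs cleanly on every host."""
    return True


def faulty_update(host: str) -> bool:
    """Constructed outcome: the update leaves every host whose number ends in 3
    (10% of the fleet) failing its health check, standing in for a defective
    content file that escaped the vendor's automated QA."""
    return int(host.split("-")[1]) % 10 != 3


if __name__ == "__main__":
    staged = staged_rollout(plan_rings(HOSTS), faulty_update)
    print(f"staged: halted at {staged.halted_at!r}, "
          f"{len(staged.deployed)} hosts touched, {len(staged.failed)} broken")
    all_at_once = staged_rollout([("all", HOSTS)], faulty_update)
    print(f"all-at-once: {len(all_at_once.deployed)} hosts touched, "
          f"{len(all_at_once.failed)} broken")
```

With the faulty update, the staged run stops at the canary ring after touching 5 hosts and breaking 1; the same update pushed to every host at once breaks 10. In a real fleet the `apply_update` callback would be replaced by a bake period plus telemetry (agent heartbeat, boot success, crash counts), and pinning the vendor's content version until the canary ring has passed is how "disable auto-updates where feasible" is enforced in practice.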

Niel Harper is vice chair of the […] board of directors.
