Organizations forced to defend ever-growing cyber attack surfaces
The attack surface is exponentially growing, as cyber criminals go after operational systems and backup capabilities simultaneously, in highly sophisticated ways, according to a recent report by consulting firm Deloitte.
The firm surveyed more than 2,800 C-suite and other executives online in December 2019 about cyber security and cyber recovery protocol, and found that a majority (65 percent) said the growing threat of destructive cyber attacks is one of the top risks at their organization.
“It’s time for senior leadership to modernize risk management programs and solutions, to keep pace with the current threats and technologies, to incorporate new educational tools, technical solutions and business strategies,” the report said.
A truly viable cyber resilience program can benefit an organization’s ability to recover, respond, and be ready for a destructive cyber attack, the study said. About one quarter of the survey respondents (27 percent) think a comprehensive approach to cyber resilience would most improve their organizations’ approach address these potential “extinction-level” events.
Even organizations with fundamentally sound risk management programs will need to adapt to emerging and elusive cyber risks and the destructive impacts they present, Deloitte said. Improving cyber attack readiness, response, and recovery will require a new approach to many traditional risk domains.
Organizations will need to address shortcomings including poor access management, weak cyber hygiene, poor asset management , flat networks that allow an adversary to easily maneuver to any system, and limited business awareness of emerging threats.