Prepare for the Security Resilience Onslaught

As we get ready for the upcoming RSA Conference, I gave some thought to what the industry marketing machinery will be hyping, and in looking at my inbox for clues, I saw a clear trend. ‘Security resilience’ bubbled to the top as another buzzword in the increasingly jargon-riddled world of cybersecurity. I’m pretty sure it will be talked about a lot, which is the first step, as the vendors will try to convince you that it’s the next thing you need to focus on. Never mind that you are still struggling with the last ten things you were supposed to focus on. Details, details.

To be clear, just because security resilience is a term destined to be poked and prodded by the security industry machinery doesn’t mean it’s not a worthwhile concept. Security resilience is the ability of a system to bounce back after a cyberattack without losing any data, kind of like a rubber band that’s been stretched but returns to its original shape. Given that nobody wants their business to come crumbling down like a house of cards under a barrage of automated attacks emanating from anyone with an internet connection, you should give thought to making your systems resilient.

I like the security resilience concept because it’s also a way to connect security practices and controls to important business metrics like uptime and performance. The best way to convince folks that they need to pay attention to all the stuff you’ve been saying for years is to hit them in their wallet and, when systems go down, that’s exactly where they’ll take the hit.

Now let’s dive into the glorious, mind-numbing details of security resilience. To make it all seem less daunting, let’s break it down into four aspects: network, applications, computing systems and endpoints. First, we have the network. It all starts on the network; if you don’t have proper isolation and threat detection, you will have a bad time. Next, we have applications, the front end of your digital experience. We talk about application security a lot, so do a quick search on things like secure coding practices, DevSecOps and locking down your production environments.

Moving on, you must fortify your computing systems, ensuring they are configured securely and leverage strong authentication where applicable. Finally, make sure your endpoints have the latest modern detection capabilities implemented, and make sure you tightly monitor the environment to respond gracefully when the endpoint is inevitably owned.


We should wrap up with another caution about the security industry hype machine. The marketing folks are paid to take a simple concept like security resilience and turn it into a convoluted mess of acronyms, marketing jargon and sales pitches. Before you know it, you’re drowning in white papers, webinars and case studies, many of which you’ll find on Security Boulevard. LOL. All promise you an easy, one-size-fits-all solution to cyber resilience. Spoiler alert: There isn’t one.

So have fun at the RSA Conference, see your friends, learn some stuff, and start to think about the work involved in providing security resilience to your organization. Unfortunately, you can’t buy it. You’ve got to do the work.

 


Mike Rothman

Mike is a 25+-year security veteran, specializing in the sexy aspects of security, such as protecting networks and endpoints, security management, compliance and helping clients navigate a secure evolution to the cloud.
