The cyber resilient organization part III: Resilient defense in a hybrid IT world
Three steps forward, one step back. With each new technological innovation, new vulnerabilities and attack surfaces emerge for hackers to exploit. Hybrid IT infrastructures are quickly becoming the norm, with multi-vendor enterprise models that deploy various types of hardware and software. However a cloud-based environment is constructed, virtual and cloud deployments form a significant majority of it, and they need a corresponding level of focus to achieve cyber resilience.
The very idea of resilience changes when you compare a traditional, on-premises setup with a hybrid cloud environment. Abstraction and virtualization come into focus when cloud applications or storage services are in use. Attack techniques such as virtual machine escape and hyperjacking (taking malicious control of the hypervisor or underlying hardware controlling virtual machines), as well as flawed device drivers, can expose an environment to data compromise. Exposures in Industrial Control Systems (ICS) or Supervisory Control and Data Acquisition (SCADA) environments are even more harmful, because they can directly impact people’s lives, and therefore require strict controls.
Cyber resilience in the cloud
To mitigate risks in a cloud environment, it’s critical to maintain visibility into the flow of data and other information across all layers. Keep in mind possible gaps like unnecessary services, vulnerable APIs and deficiencies in backup and disaster recovery solutions.
Some of the most important defense techniques include:
- Evaluating, reducing and controlling your attack surfaces. Reduce your attack surfaces and overall exposure through continuous review, defense in depth, limiting the number of trusted nodes in the system, multiple layers of countermeasures, reducing the number of open ports and services, and implementing least privilege.
- Early application of resiliency principles in the lifecycle. Resiliency considerations should be integral to the scoping, design, build and testing phases in the system development lifecycle (SDLC). Early review and application of security and resilience principles make the overall approach proactive in nature and reduce the effort of securing the system long term. Working reactively to close vulnerabilities later is almost always more expensive.
- Key functional controls. Continuous application behavior review, technical and functional segmentation within the infrastructure, management of persistent data, identity and access management, and establishing clear trust criteria for effective privilege management are all key to ensuring data is not compromised, especially in hybrid environments.
- Dependency analysis. Review and analyze configuration, as well as upstream and downstream data flow. This will help you determine potential single points of failure, vulnerable exploitation targets and possibilities of privilege escalation due to access, so you can strengthen disaster recovery protocols, improve your backup environment, and identify the critical human resources involved in the cyber event response chain.
- Community intelligence. In an era when technology is continuously changing and advanced persistent threats are constantly finding new ways to evade technical and nontechnical controls, it’s important to watch for input from the industry to see which new trends and countermeasures are being deployed.
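The dependency analysis item above can be made concrete: if you model each component's dependencies as groups of interchangeable alternatives (a primary and its replica, two identity providers), a single point of failure is any component whose loss alone makes the business-facing service unavailable. The script below is an added example, not code from the original article or from IBM; the service inventory in it is constructed, and in practice it would be populated from a CMDB, infrastructure-as-code state or service-mesh telemetry. It also reports which components are already covered by redundancy, which is the list you would check against your backup and disaster recovery plan.

```python
"""Dependency analysis: find single points of failure in a service graph.

Added example (not from the original article). The inventory below is
constructed to illustrate a hybrid deployment with one redundant tier.
"""
from typing import Dict, List, Set

# Constructed inventory. Each component maps to a list of dependency groups.
# A group lists interchangeable alternatives; the component is available only
# if every group has at least one available member. An empty list means the
# component depends on nothing else.
SAMPLE_DEPENDENCIES: Dict[str, List[List[str]]] = {
    "web-frontend": [["api-gateway"]],
    "api-gateway": [["auth-service"], ["order-service"]],
    "order-service": [["orders-db-primary", "orders-db-replica"], ["payment-service"]],
    "payment-service": [["payment-db"], ["hsm"]],
    "auth-service": [["identity-provider"]],
    "orders-db-primary": [["san-storage"]],
    "orders-db-replica": [["san-storage"]],
    "payment-db": [["san-storage"]],
    "hsm": [],
    "identity-provider": [],
    "san-storage": [],
}


def is_available(graph: Dict[str, List[List[str]]], node: str,
                 failed: Set[str], _stack: Set[str] = None) -> bool:
    """AND/OR availability: a node is up if it has not failed and every
    dependency group has at least one member that is up. Cycles are rejected
    because a dependency cycle has no well-defined availability."""
    if _stack is None:
        _stack = set()
    if node in failed:
        return False
    if node in _stack:
        raise ValueError(f"dependency cycle through {node!r}")
    if node not in graph:
        raise KeyError(f"unknown component {node!r}")
    _stack.add(node)
    try:
        return all(any(is_available(graph, alt, failed, _stack) for alt in group)
                   for group in graph[node])
    finally:
        _stack.discard(node)


def transitive_dependencies(graph: Dict[str, List[List[str]]], root: str) -> Set[str]:
    """Every component the root depends on, directly or indirectly."""
    seen: Set[str] = set()
    todo = [root]
    while todo:
        current = todo.pop()
        for group in graph[current]:
            for alt in group:
                if alt not in seen:
                    seen.add(alt)
                    todo.append(alt)
    return seen


def single_points_of_failure(graph: Dict[str, List[List[str]]], root: str) -> List[str]:
    """Components whose individual failure takes the root service down."""
    if not is_available(graph, root, set()):
        raise ValueError(f"{root!r} is unavailable even with no failures")
    return sorted(dep for dep in transitive_dependencies(graph, root)
                  if not is_available(graph, root, {dep}))


def redundant_components(graph: Dict[str, List[List[str]]], root: str) -> List[str]:
    """Dependencies that are already covered by an alternative."""
    spof = set(single_points_of_failure(graph, root))
    return sorted(transitive_dependencies(graph, root) - spof)


if __name__ == "__main__":
    root_service = "web-frontend"
    print("Single points of failure for", root_service)
    for component in single_points_of_failure(SAMPLE_DEPENDENCIES, root_service):
        print("  -", component)
    print("Covered by redundancy:", redundant_components(SAMPLE_DEPENDENCIES, root_service))
```

In the constructed inventory the database tier is redundant, so neither database node is a single point of failure, but the shared SAN underneath both of them is: redundancy at one layer does not help when both alternatives depend on the same component below it, which is exactly the kind of finding a review of upstream and downstream data flow is meant to surface.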
Technological advances make it possible for organizations to use automated and intelligent cross-platform tools that can significantly reduce the time and manual overhead of failover and failback. They can also help create golden images of data for efficient recovery after a cyber attack and provide continuous monitoring of the backup and disaster recovery environments.
Becoming a cyber resilient organization is more than an abstract IT or management function in isolation. Rather, it starts with people and their grasp of the IT environment they’re working in. To achieve cyber resilience, everyone must have a stake in keeping their organization available, secure and productive. Speed of response and a proactive, risk-based approach can make all the difference between prolonged disruption and maintaining normal business operations. Weighing cost, time and effort against business impact will help your organization choose the right defense measures for its business needs.
Get the Ponemon Institute’s annual benchmark report to learn more about the impact business continuity management (BCM) can have on mitigating the consequences of a data breach, and reach out to an IBM expert to see what BCM can do for your business.