Each year during Cybersecurity Awareness Month we typically hear the usual tips: don’t click suspicious links, use strong, hard-to-guess passwords, enable multi-factor authentication, only use trusted wireless networks. However, there’s a key foundational concept that’s often missed, and that is Cyber Resilience.
Cyber Resilience is the capability that brings together business continuity, information security and organizational resilience to address cybersecurity as a business risk. A staggering $4.35 million was recently reported as the average global cost of a data breach by IBM Security. That’s a 12.7 percent increase from the previous year, and the highest ever figure since the study began 12 years ago.
“If you can believe it, on average, Siemens sees between 4-6 billion cybersecurity relevant technical events per day across our global enterprise.”
Adeeb Mahmood, Head of Americas Cyber Defense Services
Strong cyber resilience enables organizations to mitigate financial losses as well as diminished customer trust and decreased competitive advantage. So, instead of repeating the same tips you hear each year, what I want to emphasize during this Cybersecurity Awareness Month is the importance of the layers that go into building cyber resiliency and maintaining adequate cyber defenses. Following these tips will help your organization enhance its ability to prevent, withstand and recover from cybersecurity incidents.
Tip 1: practice good cyber hygiene. This is your ability to act naturally and proactively when faced with common cyber threats. Examples of adequate cyber hygiene include practices such as being vigilant and skeptical of unusual emails and requests or ensuring that all of your online accounts have multi-factor authentication enabled. In the workplace, cyber hygiene also means ensuring compliance with our information security policies and practices, such as ensuring sensitive documents are encrypted and appropriately classified.
Tip 2: understand your responsibilities as a Data Owner. Are you aware of your customer and regulatory requirements for cybersecurity? Do you know how to address those? Have you consulted your Cybersecurity Officer for guidance on how to achieve those requirements?
Tip 3: understand governance rules. These guidelines are not meant to make your life difficult. They are designed to achieve regulatory compliance and defend against evolving cyber threats. Siemens’ governance approach takes into consideration attacker tactics, emerging technologies, and guardrails used to minimize the cyber defense burden on employees. If you can believe it, on average, Siemens sees between 4-6 billion cybersecurity relevant technical events per day across our global enterprise.
With rising rates of ransomware infections, compromised personal information and other cyber breaches, we must not get complacent. Cyber threat actors are continuing to evolve their tactics and techniques to combat the public’s increasing awareness of cybersecurity best practices.
With universal vigilance, collaboration, strong cyber hygiene, and effective governance, we have what it takes to enable robust Cyber Resiliency.
Published: October 21, 2022