Why Security Resilience Will Become the New Normal

As they start a complicated digital transformation, moving from siloed enterprise systems to integrated multicloud services and core-to-edge applications, organizations face an unprecedented increase in threats and vulnerabilities. These threats are multiplying rapidly, affecting business processes and operations, data, operating systems, hardware, applications, networks, endpoints, and employees.

The vulnerability/threat landscape has dramatically expanded for several reasons:

• Complex, aging technical infrastructures that contain a hodgepodge of systems and vendors are increasingly unmanageable.
• A deluge of new devices is being deployed at the network’s edge.
• Bad actors have grown increasingly sophisticated and now seek to breach networks, applications (on-premises or cloud-based), and backups, using a wide range of cyberattacks, including AI-enhanced malware.
• There is a serious (some would say emergency) talent shortage of cybersecurity personnel.
• The rush to embrace work-from-home (WFH) and work-from-anywhere (WFA) arrangements for employees has exposed a multitude of security gaps in both infrastructure and user training.
• Regulatory frameworks for data protection, cybersecurity, and privacy keep changing.
• The strategy for disaster recovery (DR) and business continuity (BC) has not kept pace with the industry-wide shift to cloud and multicloud services.
• As data becomes more distributed, ubiquitous, and valuable, ensuring availability, integrity, and confidentiality becomes more challenging.

The urgency to address these issues flows from the expectation of near-zero downtime and data loss to support digital experiences of customers, employees, and partners.

Emphasizing resilience in the face of inevitable breaches

Given these realities, a new strategy is emerging. Although cyberprotection and breach prevention remain laudable goals, it is increasingly obvious that 100% protection is unattainable. Even with a vigilant IT security team, a successful cyberattack has become an absolute certainty.

“So the very first step is a business risk assessment, looking across the enterprise at its business processes and installed security tools and plans,” says Michelle Weston, director and global portfolio leader for security and resilience at Kyndryl. Many enterprises have trouble simply identifying all of their vulnerable assets, let alone creating a comprehensive program to respond and recover them, she notes.

A resilient firm must be able to recognize, continuously track, manage, and recover from sophisticated security and operational risks, she says. This ability to anticipate, protect, withstand, and recover will likely require rethinking existing data governance strategies, since cybersecurity is only one aspect of this approach. “Resilience combines cybersecurity, disaster recovery, business recovery, and a variety of data and network resilience technologies to ensure continuity during and after cyberincidents,” she says.

Automation tools that enable recovery of data and applications within business-set recovery time objectives (RTOs) are particularly important in multivendor hybrid multicloud environments, as these become business-critical. One example is Kyndryl Cloud Resiliency Orchestration, a robust suite of managed services that provides real-time monitoring and management of cloud services as well as failover and recovery of physical and virtual systems.

“Instead of pursuing invulnerability,” Weston says, “enterprises should make sure they are resilient to attacks, by making and executing plans to help ensure that future incidents, when they happen — and they will — won’t have a devastating effect on the business.”

To learn more, visit kyndrylservices.cio.com.