{"id":18336,"date":"2021-12-17T06:50:26","date_gmt":"2021-12-17T06:50:26","guid":{"rendered":"https:\/\/www.backupassist.com\/blog\/?p=18336"},"modified":"2021-12-23T08:20:14","modified_gmt":"2021-12-23T08:20:14","slug":"how-can-smes-be-cyber-resilient-in-2022","status":"publish","type":"post","link":"https:\/\/www.backupassist.com\/blog\/how-can-smes-be-cyber-resilient-in-2022","title":{"rendered":"How can SMEs be cyber-resilient in 2022?"},"content":{"rendered":"\n

The cyber threat landscape is constantly evolving, and cyber-resilient SMEs need to be proactive. Cyber-attacks are becoming more sophisticated, and businesses must protect themselves against them. There are some tried and true ideas, such as the 3-2-1 backups<\/a>, but becoming genuinely cyber resilient requires a strategic and holistic approach.<\/p>\n\n\n\n

To help you sort through the complexity, in this blog post, we\u2019ll take a deep dive into how SMEs can be cyber-resilient in 2022.<\/p>\n\n\n\n

A crash course on cyber-resilience<\/h2>\n\n\n\n

We explored the topic of \u201cWhat is Cyber-Resilience?\u201d in a previous article<\/a>, so I\u2019ll give you the short version here. We define cyber-resilience as \u201can organization\u2019s ability to recover from an adverse cyber-event\u201d. In simple terms, that means cyber-resilience is about how well you can bounce back if something goes wrong.<\/p>\n\n\n\n

For modern SMEs, \u201csomething\u201d in this case can be a ransomware attack, a malicious user, account deletion, a natural disaster, or any number of other threats. Lack of cyber-resilience can lead to anything from being forced out of business to paying ransoms to hackers.<\/p>\n\n\n\n

That\u2019s the \u201cwhat\u201d of cyber-resilience, but the \u201chow\u201d is really where it gets interesting.<\/p>\n\n\n\n

Often, when people think of cyber-resilience, they think it\u2019s all about backup<\/a> and recovery<\/a>. While backup and recovery are important, true cyber-resilience requires a comprehensive approach that includes robust infrastructure security, cyber threat assessments, documented security policies, risk detection and management tools, and compliance audits.<\/p>\n\n\n\n

To better understand the \u201chow\u201d of cyber-resilience, let\u2019s take a useful model SMEs can use to develop a robust strategy.<\/p>\n\n\n\n

A cyber-resilience framework for SMEs<\/h2>\n\n\n\n

There have been a variety of approaches to thinking about cyber-resilience over the last decade. For example, NIST SP 800-160 Developing Cyber-Resilient Systems: A Systems Security Engineering Approach<\/a> takes a rigorous approach to cyber-resilience. Similarly, the Cybersecurity and Infrastructure Security Agency (CISA) publishes Cyber Resilience Review (CRR) resources<\/a> to help organizations assess and improve their cyber-resilience.<\/p>\n\n\n\n

However, from the perspective of the modern SME looking for a place to start, the five components of cyber-resilience outlined in Symantec\u2019s  The Cyber Resilience Blueprint: A New Perspective on Security<\/a> whitepaper provide us with the most pragmatic framework. The five components (prepare\/identify, protect, detect, respond, and recover) are robust enough to account for all the high-level considerations a SME must consider without being prohibitively complex.<\/p>\n\n\n\n

Let\u2019s look at each and how they can help you develop a plan for cyber-resilience.<\/p>\n\n\n\n

  1. Prepare \/ Identify <\/strong>\u2013 The first step is to conduct an infrastructure assessment and ask questions like: \u201cwhat are my most important assets?\u201d, \u201cwhere is my data located?\u201d, \u201cwhat security controls are already in place today?\u201d etc. These will help to determine the different systems and data that need protecting, and identify how much risk your business is willing to take for each.<\/li><\/ol>\n\n\n\n
    1. Protect <\/strong>\u2013 Here <\/strong>you take action to protect your assets and data, according to the risk profiles identified in the first step. Security appliances, endpoint protection, hardening operating systems and applications, and user education are all vital in this stage. Many breaches result from user error, and SMEs must protect against this attack vector.<\/li><\/ol>\n\n\n\n
      1. Detect <\/strong>\u2013 Detection is all about rapidly detecting threats in real-time. Technology like anti-malware engines, intrusion detection systems, and network monitoring platforms that alert IT to threats, are standard tools that can help. Early detection is key to limiting the follow on events of a breach, so investment here can pay dividends.<\/li><\/ol>\n\n\n\n
        1. Respond <\/strong>\u2013 Once <\/strong>you detect a threat, how fast can you respond to it and how effective is that response? There are security solutions that can automate this, but there will always be a human element to incident response. Notifications that get the right people aware of an issue quickly, and training so they know what to do, can support effective response.<\/li><\/ol>\n\n\n\n
          1. Recover <\/strong>\u2013 SMEs must have contingencies to account for disasters. Even with the best security tooling and planning, failure to have a reliable backup and recovery strategy can be a fatal flaw in a SME’s security posture. Because recovery is so important to a cyber-resilience strategy, we\u2019ve created the 4 pillars of cyber-recovery to help you get it right.<\/li><\/ol>\n\n\n\n

            The four pillars of cyber-recovery <\/h3>\n\n\n\n
            \"\"<\/a><\/figure><\/div>\n\n\n\n

            When designing your recovery strategy, there are 4 key pillars SMEs must account for. To make them actionable, we frame them as 4 questions you should ask when developing your recovery strategy. They are:<\/p>\n\n\n\n