Modern Cybersecurity: Modern Resilience

Date: May 10, 2021

Cyber resiliency is the ability to maintain mission assurance in the face of adversity from cyber threats. It is critical to incorporate it at all levels of your organization, from the mission or business function level to the organizational, sector and system levels. When broken down, cyber resiliency is found at the intersection of Active Cyber Defense, Zero Trust and DevSecOps:

  • Active Cyber Defense = Proactive, not reactive, cybersecurity, to include disrupting the attacker and/or raising the cost to the attacker while simultaneously minimizing the cost to the defender
  • Zero Trust = Trust no one; assume everyone is a potential hacker and therefore give zero trust/permissions until further verified, then continue verifying and adjust access accordingly
  • DevSecOps = Security is incorporated into every aspect of the development lifecycle

Through the confluence of these three approaches, cyber resiliency is easily attainable. Cyber resiliency includes concepts, constructs, engineering practices, and solutions for better risk management practices to be used across systems and organizations alike. Cyber resiliency must be implemented throughout system life cycle processes. According to NIST 800-160 V2 guidance, there are four main goals to achieving cyber resiliency: Anticipate, Withstand, Recover and Adapt. These goals – properties, behaviors, best practices – are fundamental to developing and maintaining cyber resilient systems.

NIST also emphasizes the aspect of trust:

“The concern for cyber resiliency focuses on aspects of trustworthiness—in particular, security and resilience—and risk from the assurance against determined adversaries (e.g., the advanced persistent threat).”

Cyber resiliency combines technologies, architectural frameworks, systems engineering processes, and operational processes to solve problems, meet stakeholder needs, and reduce the overall risk of disruption to critical missions in the presence of cyber-attacks, including the Advanced Persistent Threat (APT).

“Cyber Resilience is the emergence of the 6th generation of Cybersecurity,” said Dr. Allen Harper, EVP of Cybersecurity at T-Rex. “First came the concept of perimeter defense, in the mid-1990s. Next came defense in depth, in 2000. Shortly thereafter, Congress passed FISMA, which requires continuous monitoring. Around 2014, the DoD and Intel communities began to discuss the concept of Active Cyber Defense (ACD). Since then, Zero Trust and DevSecOps have become more prominent. Now, in 2021, the concept of Cyber Resilience is bringing them all together.”

How can you ensure your systems remain cyber resilient? Start with these four goals:

Anticipate

Anticipate threats before they escalate. Be sure your organization is always prepared for adversity. Adversity in the cyber world, as stated in NIST 800-160 V2, “specifically includes stealthy, persistent, sophisticated, and well-resourced adversaries (i.e. the APT) who may have compromised system components and established a foothold within an organization’s systems.” Protect your organization through cyber situational awareness.

Withstand

Despite adversity, it is important to sustain all essential mission/business functions throughout. How can your organization continue to function with minimal disruption? Answering that question is the primary purpose of this goal. Despite adversarial attacks, the mission must continue.

Recover

During or after adversity, recover from any damage that may have occurred to mission/business functions. It is critical to take the necessary steps to recover your systems from any damage that has occurred, whether large-scale or small-scale.

Adapt

The threat landscape is constantly evolving. To keep pace, your cyber resiliency must adapt to changes in threat environments, technical or operational. Once you are faced with adversity, you must reconsider your approaches and adapt your methods to better predict and conquer what is yet to come.

As hackers continue to advance, IT organizations and Federal agencies alike must continue to adapt their cybersecurity strategies to maintain cyber resiliency. While traditional cybersecurity methods are centered on prevention of threats, a cyber resilient approach assumes the system will be compromised, placing increased focus on the four goals: Anticipate, Withstand, Recover and Adapt. With this assumption that the APT can always find a way in, we are better able to prepare ourselves for if and when we are faced with adversity.
