2023-05-06 15:35:26
Think about cyber security, not from the prevention against attacks, but from a position more conscious, from how to act when access to email or company databases is lost, for example, it is what is known as cyber resiliencea relatively new term.
And it is that the issue becomes relevant if you think about the great data leaks in history: in 2013 more than 3,000 million Yahoo accounts were compromised, in 2019 the personal information of 533 million Facebook users was exposed on the internet and in 2021 data theft was presented to 700 million users on LinkedIn.
Chloe Demrovsky is an adjunct professor at New York University and is the CEO of Disaster Recovery Institute (DRI) International, a nonprofit organization founded in 1988 that helps organizations prepare for and recover from infrastructure and cyber disasters.
Cyber resilience is one of the fields in which they work the most and Demrovsky talked about this at the Claro Tech Summit, in Cartagena.
What is the difference between cybersecurity and cyberresilience?
”Cybersecurity focuses on preventing an attack from happening, while cyberresilience assumes that this will not work, experience itself says that this happens all the time. So when the data is compromised, the question is what are we going to do, what are the plans for when it happens to protect us ”.
Could it be said that cyber resilience is the next level of cybersecurity?
”Yes, because cybersecurity is risk management, that something can happen. It is like saying that a building with very strong barriers is built, that is cybersecurity, but when an emergency occurs, what happens inside? What is the plan to protect what is valuable inside? That is cyber-resilience, being very aware of the impacts and effects when a cyber attack occurs in any field of society”.
You say that cyber resilience is holistic, why?
”Because it is thought of as a process before the event occurs in order to have a plan and act when it happens. You think about the processes, the people who are harmed, the effects they can have, the data necessary to protect yourself and react. Also because it is something interdisciplinary, computer security is not just a matter for technology departments, basically it is a human error, so all people must be involved, it must be part of the culture in general”.
Read more: These are the five most common cyberattacks; know them and avoid falling into the trap
Is there a schematic to understand it better?
”Yes, it starts with cybersecurity and from there comes protect, defend, respond and recover. Each stage has its important properties, we mostly need to plan for each stage. Cybersecurity is 80% of the efforts, but we know that resilience is something more flexible, the plan to act cannot be rigid. In organizations it is important to start the culture of cyber-resilience with the leaders, in schools with teachers and in families with parents”.
What risks are you exposed to when there is no cyber resilience?
“There are many. At DRI, every year we publish a survey to find out the most important risks in companies and we find that cyberattacks can have impacts such as information leaks, natural disasters, cyberterrorism issues.”
What is the outlook like when there is a more resilient culture in the cyber field?
“We feel safer because there is a greater awareness of how to act when an attack occurs, we know what will happen in these cases and this is a responsible act.”
It may interest you: A guide to avoid being a victim of hackers
Does cyber resilience only apply to companies?
”No, this involves all the people who are on the internet, because there they deliver the data all the time, so you must also think about families and as individuals, knowing how to protect yourself and if a problem arises how to solve it”.
Does remote work increase the risk of being a victim of cyberattacks?
“Yes, a lot, because when employees work from home with different technologies, with home networks, it is very difficult for companies to control access to systems and protect data, this complicates things enormously.”
What role does Artificial Intelligence have in cyber resilience?
“Just like quantum computing, it is another of the technological advances that will be used both offensively and defensively, which is why we must focus on defensive uses, because offensive cases are going to occur, there is no turning back and that is terrible. In general, the argument is that how we use it to defend systems, companies, families, communities.
To learn more: How to beware of scammers on dating apps?
#deal #cyber #attack