By Conor O’Neill, CEO and Co-Founder, OnSecurity
In 2024, there were almost 7.8 million cyber attacks on businesses. Despite 50% of UK businesses falling victim to a cyberattack last year, only 31% of businesses had undertaken a cyber risk assessment, and only 15% had a formal cybersecurity incident management plan.
Cyberattacks are on the rise and becoming more sophisticated each year, particularly with the development of AI. Phishing attacks in the form of malicious emails have increased by 4,151% since the emergence of ChatGPT in 2022. To withstand these attacks, businesses must adjust their cyber resilience standards.
What is cyber resilience and why is it important?
While cyber security focuses on defending your business from cyber attacks, cyber resilience encompasses all facets of cybersecurity including both defence and response. The two complement each other to form a strong foundation against cyber attacks in both preventative and reactive measures.
Cyber resilience encompasses all facets of cyber security: the ability to monitor and prevent, react and respond, and contain the attack. It offers more holistic protection against emerging threats, while also empowering organisations to approach potential network risks correctly and efficiently.
Here are a few ways in which you can improve cyber resilience in your workforce:
Educating staff
The Government’s Cyber Security Breaches Survey 2023 reported that only 17% of businesses train their staff in cybersecurity. Educating employees in cybersecurity is one of the most important strategies for increasing cyber resilience across your entire company, rather than leaving it to your IT department alone. It is important for employees to understand their responsibility for risk management, incident response and planning, so that the security posture of the organisation improves as a whole.
Despite the increase in AI usage in cyber attacks, research reveals that human error remains the most common threat. Key training topics for your workforce may include phishing, password hygiene and two-factor authentication, all of which help secure a fundamental defence across the organisation.
All businesses should prioritise having a cybersecurity training programme in place for their employees, keeping it refreshed and up to date as the attack landscape evolves. Comprehensive staff cybersecurity training should take place at least once a year, with smaller training being rolled out as and when relevant. Employee education is the foundation of a business’ cyber defence, particularly when it comes to cyber resilience.
Self-assessment
One of the key elements in keeping your cyber defence systems up to date is the ability to self-monitor. One of the largest benefits of the recent increase in the use of AI in cyber resilience is its ability to continuously monitor and scan your network and alert you to potential threats.
The continual aspect of this monitoring is the most crucial. Particularly for large businesses with expansive data, having systems in place to give continual real-time insight into the threat landscape is essential for achieving complete visibility.
As well as continual monitoring, businesses need to regularly self-assess by testing their cyber security response and resilience through attack simulations. Through this, companies can assess various factors such as their incident response times, employee participation, and the success of phishing traps. Once they’ve measured the success of these simulated threats, they can assess their progress and decide which areas of their security set-up need improvement.
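The paragraph above lists the things a simulation should measure (response times, employee participation, how many people fell for the phishing trap) but not how to turn raw simulation events into those numbers. The following is an added example, not code from the article or from OnSecurity: it takes a constructed event log from a hypothetical phishing simulation (who was sent the lure, who opened, clicked and reported it, and when) and computes click rate, report rate, median time to report, the time until the first report reached the security team, and the list of people who clicked without reporting. The target thresholds in `assess` are assumed values chosen for illustration, not figures from the article.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample events from a hypothetical phishing simulation (not real data).
# Each row: (employee id, event, ISO-8601 timestamp). Events: sent, opened, clicked, reported.
SAMPLE_EVENTS = [
    ("u01", "sent", "2024-05-01T09:00:00"),
    ("u01", "opened", "2024-05-01T09:05:00"),
    ("u01", "reported", "2024-05-01T09:07:00"),
    ("u02", "sent", "2024-05-01T09:00:00"),
    ("u02", "opened", "2024-05-01T09:20:00"),
    ("u02", "clicked", "2024-05-01T09:21:00"),
    ("u03", "sent", "2024-05-01T09:00:00"),
    ("u03", "opened", "2024-05-01T10:00:00"),
    ("u03", "clicked", "2024-05-01T10:02:00"),
    ("u03", "reported", "2024-05-01T10:30:00"),
    ("u04", "sent", "2024-05-01T09:00:00"),
    ("u05", "sent", "2024-05-01T09:00:00"),
    ("u05", "reported", "2024-05-01T11:00:00"),
]


def _group_by_employee(events):
    """Return {employee: {event: earliest timestamp}} so repeated events count once."""
    per_user = defaultdict(dict)
    for emp, event, ts in events:
        when = datetime.fromisoformat(ts)
        if event not in per_user[emp] or when < per_user[emp][event]:
            per_user[emp][event] = when
    return per_user


def simulation_metrics(events):
    """Compute the campaign-level numbers a resilience review would look at."""
    per_user = _group_by_employee(events)
    recipients = [u for u, ev in per_user.items() if "sent" in ev]
    n = len(recipients)
    clicked = [u for u in recipients if "clicked" in per_user[u]]
    reported = [u for u in recipients if "reported" in per_user[u]]
    # Minutes from delivery to each recipient's report.
    minutes_to_report = [
        (per_user[u]["reported"] - per_user[u]["sent"]).total_seconds() / 60
        for u in reported
    ]
    # Clicked the lure and never told anyone: the group most in need of follow-up training.
    silent_clickers = sorted(u for u in clicked if u not in reported)
    return {
        "recipients": n,
        "click_rate": len(clicked) / n if n else 0.0,
        "report_rate": len(reported) / n if n else 0.0,
        "median_minutes_to_report": median(minutes_to_report) if minutes_to_report else None,
        # How long the organisation was blind before anyone raised the alarm.
        "first_report_minutes": min(minutes_to_report) if minutes_to_report else None,
        "silent_clickers": silent_clickers,
    }


def assess(metrics, max_click_rate=0.10, min_report_rate=0.50, max_first_report_minutes=30):
    """Compare a campaign with target thresholds (assumed values) and return the areas needing work."""
    findings = []
    if metrics["click_rate"] > max_click_rate:
        findings.append(("click_rate", f"{metrics['click_rate']:.0%} clicked; target is at most {max_click_rate:.0%}"))
    if metrics["report_rate"] < min_report_rate:
        findings.append(("report_rate", f"{metrics['report_rate']:.0%} reported; target is at least {min_report_rate:.0%}"))
    first = metrics["first_report_minutes"]
    if first is None or first > max_first_report_minutes:
        findings.append(("first_report", f"first report took {first} minutes; target is {max_first_report_minutes}"))
    if metrics["silent_clickers"]:
        findings.append(("silent_clickers", "clicked but did not report: " + ", ".join(metrics["silent_clickers"])))
    return findings


if __name__ == "__main__":
    m = simulation_metrics(SAMPLE_EVENTS)
    for key, value in m.items():
        print(f"{key}: {value}")
    for code, detail in assess(m):
        print(f"needs improvement [{code}]: {detail}")
```

Two of the numbers matter more than the headline click rate: the time until the first report (the window in which nobody in security knew anything was happening) and the silent clickers, since someone who clicks and then reports has still shortened the response window, whereas someone who clicks and stays quiet has not.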
Incident response training
While it’s crucial to monitor, analyse and flag potential threats, the response to threats is just as important. To be truly cyber resilient, every business must have a robust incident response plan in case of a breach.
Part of that plan includes equipping employees with the tools and understanding they need in the event of an incident. Many businesses choose to do this by carrying out simulations and drills to test employees under the ‘pressure’ of a real-life, high-stress situation. These scenarios mimic a real attack (e.g. a data breach or a ransomware incident) to test how employees react to a practical threat, as well as testing the company’s threat response plan as a whole.
The most crucial part of an incident response plan is communication; a clear, concise communication line is key. Employees must know who to report incidents to, as well as how to report them most clearly and efficiently to save crucial time in the event of a security incident.
Cyber resilience is about responding, not just preventing. Educating the workforce is therefore crucial to developing a comprehensive Incident Response Plan in which staff can efficiently and effectively report threats, so that they can be contained as far as possible before the response begins, minimising the window in which they could be exploited.