Building Cyber Resilience in an Age of Growing Threats

In an increasingly interconnected world, the need for robust cybersecurity infrastructure resilience is now more critical than ever. Cyberattacks pose significant threats to nations, businesses, and individuals alike, with potentially devastating consequences. It is in this context that we can learn valuable lessons from Ukraine's cyber defenders, who have faced and overcome significant challenges during the Ukraine War. By examining their experiences and strategies, we can gain insights into building a more resilient future.

This was the second keynote at Black Hat 2023 titled Phoenix Soaring: What we can learn from Ukraine's cyber defenders about building a more resilient future.

The Importance of Preparation and Planning

One of the key themes emphasized by Ukraine's cyber defenders is the significance of preparation and planning before crises occur. Deputy Chairman of Ukraine's State Service of Special Communications and Information Protection (SSSCIP), Victor Zhora, highlights the importance of continuity planning to maintain critical services amid disruptions caused by kinetic and cyberattacks. Despite facing relentless assaults from Russia, Ukraine's digital infrastructure and public services remained operational due to strong cyber hygiene practices.

Zhora advises organizations not to underestimate the impact of fundamental cybersecurity steps such as regular patching, backups, and intake monitoring. These seemingly basic practices can go a long way in preventing significant harm from cyber threats. By prioritizing cyber hygiene and incorporating it into the fabric of their operations, organizations can build a solid foundation for resilience.

Aligning Cyber Priorities With Business Goals

To achieve cyber resilience, it is crucial for organizations to align their cybersecurity priorities with their overarching business objectives. Jen Easterly, Director of the US Cybersecurity and Infrastructure Security Agency (CISA), emphasizes the need for security leaders to frame risks in relatable business terms and provide metrics that demonstrate the value of cybersecurity. By doing so, collaboration between security personnel and corporate leaders becomes more meaningful and effective.

Both Easterly and Zhora stress the importance of communicating cyber risks in a language that resonates with business decision-makers. This enables informed decision-making when allocating resources to cybersecurity initiatives. By aligning cybersecurity efforts with business goals, organizations can view cybersecurity not merely as a constraint, but as an enabler for confidently achieving their objectives.

Planning and Preparation for Crises

Resilience is not merely about reacting to incidents but also about planning and preparation in advance. Zhora recommends developing playbooks that clearly define response roles and responsibilities during crises. These playbooks ensure that personnel understand their roles and can execute them effectively when faced with a cyber crisis. Easterly suggests conducting frequent exercises to stress-test systems and processes against worst-case scenarios. Being battle-tested upfront is crucial in building resilience.

Creatively Reducing Risk

In an ever-evolving cyber landscape, defenders must think expansively and creatively about risk reduction strategies. Adversaries move swiftly, and traditional approaches may not always suffice. Easterly points to Ukraine's agile use of volunteers for defense mobilization as an example of fresh thinking. This approach highlights the importance of considering unconventional solutions to counter emerging threats.

Embracing Cybersecurity as an Enabler

Both Easterly and Zhora emphasize the need for organizations to embrace cybersecurity as an enabler for confidently achieving business objectives. Zhora notes that forgoing expansion opportunities due to cyber risks can sometimes pose greater existential threats than pressing forward despite potential dangers. Calculated risk-taking is necessary to strike a balance between fear and opportunity costs.

Evangelizing Best Practices

To build resilience at scale, Easterly calls for the widespread evangelization of cybersecurity best practices. Cybersecurity success cannot rely solely on a small group of experts; instead, concepts like basic hygiene and threat intelligence sharing must become ingrained habits throughout organizations and across business ecosystems. Everyone has a role to play in promoting resilience and staying ahead of evolving threats.

Sustainable Approaches to Security

Easterly highlights the need for secure-by-default technology, corporate cyber accountability, persistent collaboration, and shared analytics. Adopting a sustainable approach to security is essential as threats continue to grow in sophistication and complexity. By integrating these principles into their cybersecurity strategies, organizations can fortify their defenses and withstand future crises.

Learning from Ukraine's Experience

In closing, Ukraine's cyber defenders have demonstrated the power of resilience through years of shoring up their defenses. Their experiences offer valuable lessons for free societies globally as cyber instability rises. By incorporating these lessons into our own cybersecurity strategies, we can better protect our critical infrastructure, businesses, and societies from cyber threats.

Let's keep in mind the words of Deputy Chairman Victor Zhora: "Resilience stems first from basic cyber hygiene." By prioritizing cybersecurity, planning for crises, and creatively reducing risk, we can build a more resilient future.