By Azure Yu, Titans Briefs, The University of Texas at Austin McCombs School of Business
Cyberattacks are inevitable and costly in today’s intensively connected world. Undergoing cyberattacks will be the norm rather than the exception for all kinds of organizations, and these attacks will usually have devastating consequences. To survive in this hostile environment, companies have implemented necessary security measures such as firewalls and anti-malware, but these measures are insufficient against the inherent risks of digital networks. Greater connectivity comes with more vulnerability. Rothrock points out that C-suites must use “digital resilience” as a whole-business strategy. Digital resilience allows companies to survive attacks, contain breaches, recover, and continue to operate while under attack. Lack of digital resilience can lead to severe consequences – the 2013 Target breach was an example.
The book describes digital resilience in detail. It covers the history of networks, the technical fundamentals, and the distributed nature of the current state. It paints a vivid picture of the inevitability of a successful attack, given that over a trillion Internet of Things (IoT) devices are connected to the network and each node creates vulnerability. It provides actions business leaders can take toward achieving digital resilience. Here are the eight steps listed in the book to build deep knowledge of your data and networks:
- Verifying that the device configurations comply with relevant regulation and industry best practices.
- Modeling the network by collecting configuration and operation data of the network devices as often as necessary and without burdening the network.
- Visualizing end-to-end access and path details to see intended and unintended access among all parts of the network.
- Measuring network resilience and managing it. Rothrock explains the resilience scoring in his RedSeal system in Chapter 6.
- Identifying hidden areas of the network to manage risks in those areas – the “scary parts” and unknown part of the network can be significant security risks.
- Prioritizing vulnerability patching to allocate resources to patch the most urgent network situation.
- Verifying network security policy. It is essential to know if security policies are implemented properly in order to measure the real resilience of a network.
- Prioritizing network change control. Businesses need the capability to assess the security impact of potential or proposed changes to the network.