Beers with Engineers Webinar Recap: Developing a Resilient Security Strategy (Part 2)
Interestingly enough, the NIST offers several definitions of “resilience” — particularly in terms of how it relates to IT systems. But they all come down to the basic definition in Google’s English dictionary (provided by Oxford Languages): The ability to maintain the required capability in the face of adversity.
So it’s unsurprising that resilience is, or should be, a key component of an IT security strategy. After all, IT security entails dealing with a lot of adversity that can range from ransomware and other types of cybercrime to limited security budgets and lack of staff expertise. That’s why an IT security strategy that can help keep a business operational, its IT assets safe, and any downtime or data loss minimized (or, better yet, nonexistent), regardless of the type of adversity, is a must.
Unfortunately, there’s no such thing as an all-in-one, guaranteed-to-be-resilient IT security strategy. But in US Signal’s Beers for Engineers webinar, “Developing a Resilient Security Strategy,” US Signal’s director of information security and a couple of its IT security partners at GTS and Veeam discussed the various components that can help organizations increase their ability to fend off security threats and mitigate the damage if a security threat becomes a security incident.
The following covers a few of the highlights of that webinar. To get the complete story, you can watch the webinar replay here.
Resilient Security Strategy To-do’s
In part 1 of this webinar series, the focus was on creating an incident response plan and testing it. Part 2 focuses on identifying and addressing the security gaps in that plan. That includes:
Testing (by as many different means as possible, budget allowing) and then assessing what worked, what didn’t work, and what can work better.
Documenting and assessing real-world incidents that occur (and again assessing what elements of the plan worked, didn’t work, and could or should work better).
Compiling lessons learned from all tests and/or real-world incidents.
Determining the cost to the business of the gaps or issues identified if they’re left unresolved/unfixed.
Identifying options for how issues/security gaps can or should be addressed. Is it a matter of changing processes? Is it a staffing-related issue? Would specific tools or technologies make a difference?
Determining budget requirements for the various options, including what’s already budgeted for and what will require more backup/support to secure approval.
Considering other security threats or trends that should be addressed (as part of a proactive approach).
Reviewing, selecting, and aligning with IT security frameworks best suited to your organization.
Evaluating the need for or benefits of additional or more formal security assessments, including those that may help ensure compliance with various security frameworks.
Assessing the pros and cons of handling all aspects of IT security planning or partnering with third-party companies/managed security services providers.
Devising and implementing ways to increase overall cybersecurity and IT security awareness throughout the organization.
More to Know
Beyond the “to-do’s,” the webinar presenters touched on specific solutions and strategies for dealing with security incidents and threats. Additionally, they discussed common scenarios IT professionals experience, which require them to employ various ways of thinking and decision-making in their approaches to IT security. Real-world, likely-relatable customer experiences were also cited.
However, reading about what was covered in the webinar is one thing. The real value is in listening to the back-and-forth discussion between the webinar participants as they built off each other’s comments and delved into many of the actual experiences, security challenges, and solution opportunities that are part of IT professionals’ daily reality.