The digital revolution has been reshaping businesses at an unprecedented pace.
As industries innovate to enhance customer reach and experience, these very advancements have ushered in an era of escalating cyber threats. A global survey reported that 72% of businesses worldwide were affected by ransomware attacks in 2023 and the average cost of each data breach reached a staggering $4.45 million [1].
The main cause is the increasing reliance on online services by businesses that are arguably not ready for cyber disruptions.
The CrowdStrike Incident: A Wake-Up Call
The CrowdStrike incident of July 2024 adds a new dimension to the concept of cyber disruption and serves as a high-profile example of the critical need for operational resilience. A small error in CrowdStrike's software caused computers to crash on a massive scale, impacting millions of Windows computers and disrupting critical business operations worldwide.
While not a cyberattack, this incident underscores two facts:
The interconnectedness of the digital infrastructure is fragile and requires the careful integration of third-party solutions or services into the organization’s business processes to prevent catastrophic disruptions such as this; and,
Even renowned and established cybersecurity solutions can introduce vulnerabilities.
Today’s Attack Surface
As more sensitive and proprietary data migrates online, cybercriminals have greater incentive to exploit the vulnerabilities exposed by this rapid and widespread shift to remote work and cloud environments. Their sophisticated methods in today’s remote workforces, complex supply chains, and interconnected systems have created numerous entry points that render static defenses – which comprises our traditional security measures – inadequate and porous.
Imagine relying on a sturdy castle wall to repel enemies equipped with jets and drones. That's the outdated approach of the traditional "strong perimeters" in today's cyber landscape. Not only does it challenge the organizations’ “impenetrable” security controls, but it highlights the pressing need for a paradigm shift in operational resilience.
What You Can Do Now: “Assume Breach”
A fundamentally new approach to operational resilience is the adoption of an "assume breach" mentality. This acknowledges the inevitability of cyber intrusions and moves us away from the false security of today’s traditional controls. Shifting from a "prevent at all costs" mindset to an "assume breach" mentality isn't surrender, but a proactive preparation as we navigate the uncharted waters of the digital age. This proactive stance focuses not on preventing breaches entirely, but on mitigating their impact and ensuring the rapid recovery of the business after an attack.
The CrowdStrike incident demonstrates the tight coupling of today’s complex information systems and highlights that our usual static defense measures are not enough to address the risks of the interdependence and potential bottlenecks when our systems’ components are under stress. An assume breach posture towards operational resiliency – alongside our static defense systems – will allow a business to effectively navigate a crisis similar to CrowdStrike.
As you prepare for and assess how your business stands in this shift, we highlight that building resilience across the entire organization and at critical areas in your supply chain is key. This includes building a robust incident and disaster response plans that calls-out cyberattack as a top disaster risk scenario, succession planning for key technical personnel within the organization, active threat hunting, and consistent employee trainings. This may require sizable resource investments especially for small and medium-sized enterprises – but nothing spent without return.
What We Offer
RSM Philippines equip organizations with the tools and expertise necessary to implement this paradigm shift. Our comprehensive service suite includes:
- Diagnostics: Do you have sufficient and appropriate resilience strategies in place to prepare for a cyber-disaster? Do you have the tools to regularly assess vulnerabilities within your technology landscape? Are you people ready to face cyber-disasters?
- Governance Framework Review: Do your existing framework in managing cyber risks align with best practices and address evolving threats? Do your strategic pathways include evolving into or sustaining a resilient organization?
- Strategy Development: What cost-effective and bespoke operational resilience framework addresses your unique needs and objectives?
The Digital Trust team has extensive experience in a cyber risk-focused resiliency management consulting engagements covering various industries. Our diverse experience includes clients in banking and finance, manufacturing, wholesale and retail, holdings, and the academe to name a few.
If you want to learn more about our program and what we can offer, do not hesitate to contact us through the RSM Philippines website or you can email our Resiliency Service Leader. Karen Segovia through [email protected]. We would love to hear from you!
[1] “Annual share of companies worldwide that paid ransom and recovered data from 2018 to 2023”, Statisa; and “Cost of a Data Breach Report 2024”, IBM