Documente Academic
Documente Profesional
Documente Cultură
Cyber Resilience
Unknown Cyber Defined Fighting
Yesterday’s
Revolutionaries
Unknowns BYOD battles Human Factor
where you stand
Understand
As desktop computer operating systems give way to well-protected, this focus on smaller companies
web-based and mobile platforms and applications, may result in their supply chain being infiltrated
criminals are evolving new digital threats to keep from below.
pace. They’re also expanding their targets to include
organizations that lack the levels of security found As a result, changes in what security experts call the
in the largest enterprises. Far from flying under the “threat landscape” are as hard to predict as they are
radar of online threats, smaller companies are more to address.
exposed than ever: 41 percent of attacks affect
organizations with fewer than 500 employees.2 And
while larger organizations may think themselves
The Unknown Unknowns
It is literally impossible to predict all the online What’s more, their ability to create and unleash
threats your organization will face, so your best digital chaos is increasing exponentially. Only the
hope of combating them is to prepare for any most knowledgeable of security experts have the
possibility. The people creating the threats may be level of expertise shared in the “black economy.”
criminals, terrorists, state-sponsored cyberspies, Your law-abiding organization is unlikely to receive
or disgruntled “hacktivists.” Their motivations a backstage pass to this underground world where
could be anything from peaceful protest to hackers exchange stolen data, sell ready-made
malicious intent, political advantage to financial malware kits, and develop new ways to secure
gain, or any combination thereof. their operations.
The Human Factor
While 84 percent of data breaches occur in hours 14 percent of cloud storage, 13 percent of social
or less, two-thirds aren’t discovered for months, media, and 11 percent of office productivity software
and 22 percent of us don’t manage to contain is implemented without the IT department’s
them for months or even years.4 Why is this? knowledge.5 In addition, Gartner data shows the
movement of IT spending to other departments is
It isn’t a lack of technology. The newest, fastest, already well under way. The marketing department
shiniest hardware or software can be necessary is a front-runner and due to outspend the IT
for your company’s digital security, yet still not department on technology by 2017.6
sufficient to ensure it. It’s the human factor—the
person reading this manifesto—that introduces In short, the human element of Cyber Risk
the greatest risk. You and I are the weakest link. within your organization is likely to be higher
outside your IT department within it. As a result,
Part of the problem is IT’s changing role within the concentrating data security knowledge and
organization. Although IT touches every department expertise in IT actually increases your risk, while
and traditionally has primary responsibility for data spreading the expertise—making your security
security, its ability to control what technology the culture all-inclusive—is a worthwhile strategy for
organization uses is slipping. While IT may still be reducing it.
a trusted advisor in purchasing technology, it’s no
longer the gatekeeper: Recent research shows that
84% initial compromises
take hours or less
12
How To Become Cyber Resilient 3
Make Cyber Resilience your
competitive advantage
Your enemies are many, unseen, and clever, made Instead of putting out fires and being the one to
of components that can form, morph, and dissolve blame when things go wrong, IT at the heart of a
fluidly as needed. Don’t try to battle them alone. Cyber Resilient organization is proactive, gathering
Join forces with other organizations that share your security intelligence from existing security
security concerns. Pool your IT security intelligence controls and technologies that already exist in
and skills to develop joint strategies that can flex your environment. This intelligence allows you to
and scale with the constant, ever-changing nature of not only respond to attacks, but also to gauge the
the threat. A security vendor with a comprehensive organization’s ability to fend off threats so executive
security intelligence network provides a holistic leaders can make well-informed decisions regarding
overview of emerging threats across companies, their cyber security strategy.
industries, and continents, while an incident
response service offers expertise when you need it.
Conclusion
Futurist and novelist Arthur C. Clarke famously 1. Setting a baseline for your organization’s
wrote, “Any sufficiently advanced technology current Cyber Resilience, effectively and soon.
is indistinguishable from magic.” The online
revolution has produced results that just a few 2. Enlisting everyone in your organization’s
years ago would have been virtually magical, all supply chain in the effort, educating him or
because of the ability to send and receive data her about the need to balance innovation with
securely. That security has become too central security.
to our daily lives not to take with the utmost
seriousness—the same level of seriousness we give 3. Leveraging the concepts behind Cyber
to power, water, talent, and other vital real-world Resilience and making use of all of your
inputs on which the comforts of our personal lives security intelligence for long-term competitive
and the stability of our global systems depend. advantage and protection.
No top-down edict is enough to mitigate the risks; We hope this Manifesto will start the chain reaction
technology moves too fast. Only an informed but necessary to get your organization moving down the
flexible grass roots movement can keep up with path to Cyber Resilience. If it has, contact the experts
the threats to our digital assets. It’s up to you and at Symantec for further assistance; our assessment
other IT professionals to lead the way: and security products and services can help you take
the next steps.
BYOD
Cloud
Baseline
IT
Core IP
Define
Cyber
Educated Business
Workforce Cyber
Strategic
Resilience Threats
Cyber
Future Resilience Supply Chain
Supply Chain
Legacy Impact
On Premise Approach Evolution
Tomorrow
Cloud
Transition
Outsourced Today
References
1 – Mary Meeker, KPCB, 2013 Internet Trends
Unstoppable movements start revolutions.
Our products and services are acknowledged
to be at the leading edge of Cyber knowledge 2 – Norton Cybercrime Report
and Symantec would like to engage with your
Cyber efforts. 3 – Symantec ISTR 2013