There’s a skills shortage in cyber-security combined with a rise in threats and a huge burnout burden. Haris Pylarinos at Hack The Box explains how leaders can achieve cyber-resilience in a turbulent world
Today’s organisations operate in a swirling cyber-security storm, with constantly shifting external threats to navigate.
By 2025, over half of significant incidents will be attributed to human failure and a lack of talent. People are seen as the most vulnerable point of exploitation, and human-centred attacks are escalating at scale.
To maintain resilience, businesses need to align their leadership's rapid response and protection strategies. Communicating these effectively across the organisation not only helps prevent crises but also limits their impact if they do occur.
Crisis response challenges
Timely detection and response are critical, but organisations currently face delays in identifying and responding to emerging threats.
Currently, remediation of an attack takes 6 days, against the SEC's 4-day rule, showing how attackers are outpacing defenders and highlighting the urgent need for faster response mechanisms.
When attacks do occur, CISOs are on the front line of defence, and also of scrutiny. Security leaders, including CISOs and CIOs, need to lead their organisations through digital transformation, but most importantly they need to deliver value and meet company goals with security at the core.
Moreover, 88% of data breaches are said to originate from human error. High levels of stress in cyber-security roles reduce attention, which increases errors in performance and can ultimately become a direct threat vector.
As the strategies for threat actors become more sophisticated, it’s increasingly difficult for cyber-teams to benchmark themselves against objectives. In turn, this expands the likelihood of successful attacks and reputational risk in the long term.
Rapid response and protection
The speed of response can make all the difference between containment and catastrophe. The first line of defence against cyber-threats is rapid detection.
Organisations must evaluate their capabilities to swiftly identify potential issues, whether they stem from external attacks, internal vulnerabilities, or human error. However, detection alone is not sufficient.
By establishing actionable response protocols, businesses can begin to mitigate threats as soon as they are detected. Alongside these protocols, awareness programmes cover topics such as phishing awareness, password hygiene, social engineering techniques, and incident reporting procedures.
For these response mechanisms to be effective, collaboration and communication between cyber-security teams and non-IT decision-makers are key. This ensures that protocols are fundamentally understood and actionable regardless of department.
Internal issues within crisis comms
Despite their technical expertise, CISOs may struggle to translate complex technical jargon and cyber-security metrics into understandable terms that resonate with non-technical stakeholders.
This communication gap poses significant risks, potentially hindering the board’s ability to grasp the severity of cyber-security threats and the necessary investment required to mitigate them effectively.
Predefined channels, escalation procedures, and refined roles/responsibilities during a cyber-attack ensure that everyone knows what to do, who to contact, and how to communicate effectively, regardless of role or seniority.
Workshops, seminars, and tabletop exercises can further provide teams with hands-on experience in evaluating cyber-security scenarios, helping teams to make informed decisions around incoming threats.
These resources can also garner support from boards and executive leadership by showing how cyber-security investments contribute to operational resilience and customer trust, bolstering competitive advantage alongside security.
Consistent threat upskilling
This isn’t just about management strategies for high- and low-risk threats; it is about understanding whether a team’s abilities can plug these vulnerabilities and, if not, where and how those skills gaps can be filled.
Implementing proactive upskilling initiatives is crucial for empowering teams to effectively navigate cyber-incidents.
By providing immersive cyber-security learning and upskilling experiences in simulated gamified environments, organisations can equip their employees with practical skills to identify and mitigate potential threats.
These countermeasures not only involve continuous monitoring of the threat landscape but also integrate threat intelligence, allowing businesses to keep incident response plans consistently up to date.
By working together to solve challenges and share insights, employees strengthen their cyber-security expertise collectively, enhancing the overall security posture of the organisation.
Effective management of cyber-crises demands proactive measures. By refining response protocols, fostering cross-departmental collaboration, and bridging communication gaps, organisations can bolster their resilience against evolving threats.
Investing in comprehensive skills development initiatives and cultivating a culture of security awareness empowers employees to navigate incidents effectively.
Continuous evaluation and adaptation of these strategies are vital in staying ahead of cyber-threats and safeguarding business operations in an increasingly volatile digital landscape.
Haris Pylarinos is CEO and Founder at Hack The Box
© 2025, Lyonsdown Limited. Business Reporter® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543