Indy Dhami, Partner

How resilient are your cyber operations? CISOs are now expected to answer this question with confidence. Regulatory scrutiny has increased, and it comes against a backdrop of evolving threats: sophisticated cyber-attacks, nation-state sponsored espionage and rising digital fraud. The Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA) have both issued guidance and plans to ensure that financial services (FS) firms make operational resilience a priority.

The convergence of operational and cyber resilience remains a critical area to ensure stability and continuity. However, for CISOs, getting this right means dealing with a range of challenges.

To address them, let’s have a look at some key areas to focus on:

1) Optimising existing investments

This is about revisiting your existing cyber security programme to get the most value out of the tooling and services you already have. It requires a detailed analysis of programme capabilities to identify savings, efficiencies and re-investment opportunities. What complicates this is the need to keep investing in new capabilities to stay ahead of threat actors.

2) Understanding the estate

Are you able to identify all information technology assets, not just those that support critical services? In nearly all FS organisations, important business services depend on complex IT infrastructure that spans diverse logical, physical and geographic domains: cloud, on-premises, virtual, mobile, IoT and even operational technology (OT) assets. Having a clear view of the whole estate is critical.

3) Increasing automation

Free up resources by applying automation to repetitive activities. In the past, large teams of skilled analysts performed tasks such as log analysis, vulnerability management and penetration testing. New technologies, including machine learning, can reduce the mean time to detect and respond to incidents by filtering out noise and directing teams to the threats that require human action.

4) Enhancing supply chain security

A centralised view of the supply chain and its underlying data can help you quantify and rank risks and guide decisions. Building this capability means moving away from point-in-time assessments towards continuous monitoring of vendors and suppliers. This lets organisations respond as vendor and supplier relationships, connectivity and the associated cyber risks change.

5) Retaining talent

We are currently seeing many organisations cut their workforce, yet the market for cyber professionals remains buoyant. At the same time, CISOs recognise that they need to deliver more with their current staffing levels. Many are therefore leveraging internal support mechanisms to help their staff with recognition, workplace flexibility, stress management, career planning, training and education. The aim is to keep staff engaged, motivated and recognised for their contributions.

These areas are spread across the organisation and depend on one another: you cannot optimise investment without understanding the estate, automation only works on assets you know about, and none of it is sustained without the people to run it. Together they add up to resilience. Beyond meeting regulatory requirements, getting them right also builds confidence among stakeholders across the board.

To discuss any of the points above or ways you can improve cyber resilience in your organisation, you can reach out to Indy Dhami.