Menu
​How partners can help businesses win the cyberattack street fight

​How partners can help businesses win the cyberattack street fight

Why cyberattacks must be viewed as large-scale business operations crises.

As the industry knows, a successful cyberattack can shut down operations - not just for a few hours, but for days and weeks.

The collateral damage, such as information leaks, reputational damage and so on, can continue for much longer.

From a partner perspective, organisations in Australia realise that more cyberattacks are to be expected in the future, and that they will grow in scale and sophistication over time.

However, Gartner research vice president Roberta Witty claims organisations rarely know that IT environments have been breached until it is too late.

“At that point, an organisation could have much of its IT infrastructure infected with malware, be subject to ransom demands for its data or other such destructive attacks that result in compromised or lost data,” Witty said.

“In the time between the initial breach and detection, the hacker team is likely to have compromised many systems and applications, systematically worked to elevate its privileges in the environment and compromised, destroyed or encrypted data.”

As partners take on the consultative mantle in a security capacity, channel value can be derived from ensuring effective enterprise-wide risk containment, with cybersecurity and business continuity management (BCM) leaders now forced to align processes.

“This requires two distinct phases,” Witty explains. “A planning phase that identifies the best practices to apply before experiencing a cyberattack, and a response and recovery phase that identifies the best practices that apply once the business is in crisis model.”

For Witty, even organisations that do have a cyber incident plan sometimes assume that an incident is an orderly affair, following a well-defined procedural pathway.

“Authors of these plans often assume that the attacker will have one mode of attack, that the incident will be a relatively simple, and brief affair, and be similar to a typical technology failure,” Witty said.

But as partners will no doubt attest, the reality is different.

“A cyberattack is a street fight,” Gartner research director, Rob McMillan, added, “You are not dealing with a technology failure, although a manufactured technology failure might be one of the methods used against your enterprise.

“Rather, a motivated individual or group of individuals that have decided to target the organisation have left the business with a messy, chaotic and long-term event.”

McMillan said cyberattacks must be viewed as large-scale business operations crises and, therefore, must be handled from an enterprise continuity of operations perspective.

“Integrating established BCM best practices into the existing computer security incident response process can boost the organisation’s ability to control the damage of a cyberattack, speed up the efforts to get back to normal operations and, therefore, reduce some of the financial impact of the cyberattack,” he added.

For example, McMillan said business impact analysis (BIA) can quickly identify if impacted IT services, operating locations, and partners/suppliers/third parties are mission-critical to the organisation.

In addition, crisis communications processes and automation set up for traditional BCM disruptions can be leveraged for a cyberattack, while business recovery and resumption plans can be used if IT services are shut down by the cyberattack and while waiting for cleansed IT services to become operational.

“Furthermore, IT disaster recovery (DR) procedures can be used to restart systems and restore data in the right sequence,” McMillan explained.

“Crisis management automation can also be used to manage the organisation’s overall response and recovery from a cyberattack.”

Going forward, partners can help ensure that there is collaboration through proactive team development and cross-team representation throughout the organisation, involving all phases of the incident cycle from planning, budgeting, strategy development, exercising, event response, program management and governance.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Gartnersecuritycyber

Featured

Slideshows

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Examining the changing job scene in the Kiwi channel

Examining the changing job scene in the Kiwi channel

Typically, the New Year brings new opportunities for personnel within the Kiwi channel. 2017 started no differently, with a host of appointments, departures and reshuffles across vendor, distributor and reseller businesses. As a result, the job scene across New Zealand has changed - here’s a run down of who is working where in the year ahead…

Examining the changing job scene in the Kiwi channel
​What are the top 10 tech trends for New Zealand in 2017?

​What are the top 10 tech trends for New Zealand in 2017?

Digital Transformation (DX) has been a critical topic for business over the last few years and IDC is now predicting a step change as DX reaches macroeconomic levels. By 2020 a DX economy will emerge and it will become the core of what New Zealand industries focus on. From the board level through to the C-Suite, Kiwi organisations must be prepared to think and act digital when the DX economy emerges in 2017.

​What are the top 10 tech trends for New Zealand in 2017?
Show Comments