Menu
​How partners can help businesses win the cyberattack street fight

​How partners can help businesses win the cyberattack street fight

Why cyberattacks must be viewed as large-scale business operations crises.

As the industry knows, a successful cyberattack can shut down operations - not just for a few hours, but for days and weeks.

The collateral damage, such as information leaks, reputational damage and so on, can continue for much longer.

From a partner perspective, organisations in Australia realise that more cyberattacks are to be expected in the future, and that they will grow in scale and sophistication over time.

However, Gartner research vice president Roberta Witty claims organisations rarely know that IT environments have been breached until it is too late.

“At that point, an organisation could have much of its IT infrastructure infected with malware, be subject to ransom demands for its data or other such destructive attacks that result in compromised or lost data,” Witty said.

“In the time between the initial breach and detection, the hacker team is likely to have compromised many systems and applications, systematically worked to elevate its privileges in the environment and compromised, destroyed or encrypted data.”

As partners take on the consultative mantle in a security capacity, channel value can be derived from ensuring effective enterprise-wide risk containment, with cybersecurity and business continuity management (BCM) leaders now forced to align processes.

“This requires two distinct phases,” Witty explains. “A planning phase that identifies the best practices to apply before experiencing a cyberattack, and a response and recovery phase that identifies the best practices that apply once the business is in crisis model.”

For Witty, even organisations that do have a cyber incident plan sometimes assume that an incident is an orderly affair, following a well-defined procedural pathway.

“Authors of these plans often assume that the attacker will have one mode of attack, that the incident will be a relatively simple, and brief affair, and be similar to a typical technology failure,” Witty said.

But as partners will no doubt attest, the reality is different.

“A cyberattack is a street fight,” Gartner research director, Rob McMillan, added, “You are not dealing with a technology failure, although a manufactured technology failure might be one of the methods used against your enterprise.

“Rather, a motivated individual or group of individuals that have decided to target the organisation have left the business with a messy, chaotic and long-term event.”

McMillan said cyberattacks must be viewed as large-scale business operations crises and, therefore, must be handled from an enterprise continuity of operations perspective.

“Integrating established BCM best practices into the existing computer security incident response process can boost the organisation’s ability to control the damage of a cyberattack, speed up the efforts to get back to normal operations and, therefore, reduce some of the financial impact of the cyberattack,” he added.

For example, McMillan said business impact analysis (BIA) can quickly identify if impacted IT services, operating locations, and partners/suppliers/third parties are mission-critical to the organisation.

In addition, crisis communications processes and automation set up for traditional BCM disruptions can be leveraged for a cyberattack, while business recovery and resumption plans can be used if IT services are shut down by the cyberattack and while waiting for cleansed IT services to become operational.

“Furthermore, IT disaster recovery (DR) procedures can be used to restart systems and restore data in the right sequence,” McMillan explained.

“Crisis management automation can also be used to manage the organisation’s overall response and recovery from a cyberattack.”

Going forward, partners can help ensure that there is collaboration through proactive team development and cross-team representation throughout the organisation, involving all phases of the incident cycle from planning, budgeting, strategy development, exercising, event response, program management and governance.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Gartnercyber

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments