In the wake of recent ransomware outbreaks, I wanted to understand how impacted firms have evolved their thinking on cyber resilience planning and implementation. I asked the Detection and Response Team at Microsoft, who help our customers proactively and in real time to respond and recover from cyberattacks, to share their experiences. I’ve included below a few anonymized customer scenarios the team shared with me, which point to the acute need for a cyber resilience plan.

What follows is a reference framework of Microsoft capabilities which can help our customers become more agile in the face of modern attacks. In other words, this post is about mapping the road to cyber resilience.

Why cyber resilience matters

Organizations globally are highly dependent on technology to conduct personal and business-related tasks. As of the end of Q1CY2017, there were over 3.7B Internet users worldwide and this population is growing. As Internet adoption is growing, the attack surface is growing. The current cybersecurity threat landscape creates a real risk to people and assets. Therefore, organizations should maintain a balance between allowing access and managing risk. Commonly, enterprise organizations approach cybersecurity by implementing tools and technologies and personnel for “protection” and “incident response”. While this is important, the root purpose of implementing cybersecurity tools and technologies is business continuity. Enterprise organizations should also be thinking at a strategic level about the “big picture” of how to fortify their critical systems, IT infrastructure, and data centers to stay resilient in the face of human errors and cyberthreats that cause downtime. This is where a cyber resilience strategy comes into play. Organizations need to build a cyber resilience strategy and execute a cyber resilience program specifically tailored to their business needs to ensure business continuity in the event of a security incident.

According to Accenture’s “State of Cybersecurity and Digital Trust”, while 75% of all survey takers say they have high cybersecurity confidence levels, only 37% claim they have confidence in their organization’s ability to monitor for breaches and 36% claim confidence in their ability to minimize disruptions. According to Gartner, the average cost of downtime is USD $5,600 per minute—over USD $300,000 per hour. Human error is the most common contributor to downtime. Some studies conclude that human error accounts for 75% of downtime.

With organizations more reliant on IT than ever before, it is important to acknowledge business continuity and disaster response (BCDR) as a vital component to the entire organization, instead of as an issue that has implications for IT teams only. Every enterprise organization needs to be prepared to handle outages caused by unforeseen events. Downtime of critical applications and services could lead to a stop in productivity and operations, lost revenues, and lower customer confidence in the organization. A strong cyber resilience plan effectively executed can help organizations’ computer systems, IT infrastructure and data centers withstand impact from cyberthreats and human error...


Read more: Microsoft perspective on cyber resilience | Microsoft Secure Blog