Resilience: Inexpensive Preparation for the Worst?

In our recent Delphi study on the 15-year future security of the UK’s critical national infrastructure, we involved 22 experts on the subject. Surprisingly, the study revealed that while increasing risks such as interconnectivity, AI and quantum computing are important, the greater need is to limit the damage of disasters such as successful cyberattacks. The experts emphasised the importance of human-centred system resilience to address this.

The experts also pointed to human-centred organisational cyber resilience as the key solution.


Unfortunately, when Ita Ryan and I started exploring this finding, we found that most ‘cyber resilience’ research to date has focussed on blocking cyberattacks. Yet organisational resilience is a much wider topic: it also covers dealing with disasters once they have happened, which means minimising the impact on clients and stakeholders, restoring service, and learning from the experience.


Our initial research into cyber organisational resilience identified a wide range of relatively low-cost techniques:

  • The CrowdStrike incident would have been far less damaging if CrowdStrike had adopted the ‘canary release’ practice of updating a subset of the live machines before the rest.
  • ‘Honeytrap’ card details in a database of payment cards raise an alert when used, reducing the social damage of a mass card theft.
  • Service loss can be much smaller if the subset of the data necessary for a period of manual operation is always available in an accessible form.
  • Ensuring data can be entered retrospectively facilitates recovery after a period of system non-availability.
  • Backups and failover replication can both support fast recovery.
  • Off-site logging can permit later forensic analysis of what went wrong.

There are many other such techniques. All are ‘human-centred’ in that humans deal with the disaster; the resilience techniques provide tools for them to do so. All require changes to the software systems beforehand.
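
To make the ‘honeytrap card’ technique from the list concrete, here is an added example (not code from the study or from any project mentioned above) of the small software change it requires: a detector that scans payment authorisation attempts for the use of seeded decoy card numbers. The log format, the honeytoken numbers, the index key and the function names are all assumptions constructed for the example; the decoy numbers are well-known test numbers that pass a Luhn check but are issued to nobody, so any attempt to use one is a strong signal that the card table has leaked.

```python
import hashlib
import hmac
import re

# Assumption: in a real deployment this key would come from a secret store;
# the constant only exists so the example runs stand-alone.
INDEX_KEY = b"example-honeytoken-index-key"

# Constructed honeytoken PANs seeded into the card table. They are Luhn-valid,
# so they look like real cards to whoever stole the table, but belong to no customer.
HONEYTOKEN_PANS = ["4111111111111111", "5105105105105100"]

# Constructed authorisation log lines in a hypothetical "key=value" format.
SAMPLE_AUTH_LOG = [
    "2024-05-01T10:02:11Z auth pan=4242424242424242 amount=19.99 merchant=shop-a result=approved",
    "2024-05-01T10:05:42Z auth pan=4111111111111111 amount=49.99 merchant=shop-b result=declined",
    "2024-05-01T10:05:43Z auth malformed line with no pan field",
    "2024-05-01T10:07:09Z auth pan=5105105105105100 amount=250.00 merchant=shop-c result=approved",
]

PAN_RE = re.compile(r"\bpan=(\d{12,19})\b")
MERCHANT_RE = re.compile(r"\bmerchant=(\S+)")


def luhn_valid(pan: str) -> bool:
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def tag(pan: str, key: bytes = INDEX_KEY) -> str:
    """Keyed hash of a PAN, so the detector never stores decoy numbers in the clear."""
    return hmac.new(key, pan.encode(), hashlib.sha256).hexdigest()


def build_index(pans, key: bytes = INDEX_KEY) -> frozenset:
    """Index of honeytoken tags. Rejects Luhn-invalid numbers: they would be
    refused before authorisation and so would never trigger the alert."""
    bad = [p for p in pans if not luhn_valid(p)]
    if bad:
        raise ValueError(f"honeytokens must be Luhn-valid: {bad}")
    return frozenset(tag(p, key) for p in pans)


def mask(pan: str) -> str:
    """Keep only the BIN and last four so an alert can be shared without the full number."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def scan_authorisations(lines, index, key: bytes = INDEX_KEY):
    """Return one alert per authorisation attempt whose PAN is a honeytoken.
    Lines without a parseable pan field are skipped rather than crashing the scan."""
    alerts = []
    for line in lines:
        m = PAN_RE.search(line)
        if not m:
            continue
        pan = m.group(1)
        if tag(pan, key) in index:
            merchant = MERCHANT_RE.search(line)
            alerts.append({
                "timestamp": line.split(" ", 1)[0],
                "pan_masked": mask(pan),
                "merchant": merchant.group(1) if merchant else "unknown",
            })
    return alerts


if __name__ == "__main__":
    for alert in scan_authorisations(SAMPLE_AUTH_LOG, build_index(HONEYTOKEN_PANS)):
        print("HONEYTOKEN USED:", alert)
```

The point of the keyed index is that the alerting component can sit outside the card system (for instance beside the off-site logging mentioned above) without itself becoming a second copy of the decoy numbers; the masked PAN in the alert is enough for the people handling the incident to confirm which decoy fired and at which merchant.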


Customer stakeholders are unlikely to request those changes. However, software professionals can learn to understand the need and can both propose and cost the new features required.


We are determined to research how. Please do contact me if you are interested in the topic!


- Charles