Resilience is a collaborative effort

Issue 6 2022 Editor's Choice

Cyber resilience and cybersecurity are not the same thing, despite the efforts of many to promote a technical solution as a cyber resilience solution. Cyber resilience is about collaboration – enterprise-wide collaboration between IT and almost everyone else connected with the business.

Wayne Olsen, managing executive for cybersecurity at BCX, explains that while cyber resilience is an enterprise risk strategy designed to protect the organisation from cyber breaches and exploitation, to be cyber resilient requires collaboration. In fact, he says many of the failures of supposedly cyber resilient companies are the result of a lack of collaboration.


The foundation of cyber resilience requires collaboration between the IT department and the rest of the company, from executives to legal, HR to accounting, and so forth. Moreover, it also requires collaboration between the organisation and its supply chain, including partners and customers.

In a world where criminals are able to exploit the smallest hole in your defences, ensuring that the SME you deal with for stationery as well as the manufacturer you deal with for components supports your resilience (and vice versa) is key to managing this risk. Importantly, Olsen says it is not about ensuring they have the latest antivirus installed, but that everyone starts from within (this includes issues such as the demands of the business, data ownership, where you are vulnerable, etc.) to secure their organisation.

Based on organisational objectives

When reviewing or designing a cyber resilience programme, the CISO (chief information security officer) or someone at the executive level must take ownership of the project. No single person can do it alone, but there needs to be one central enabler. The process starts by identifying all the organisation’s assets, its processes and where it is going; and security needs to empower and enable the company to make use of its resources and accomplish its goals.

Instead of building something and then looking at security as an add-on after the fact (asking the CISO to “bubble-wrap it,” in Olsen’s words), security is part of the development process, whether you are developing software, electronic or mechanical systems, or even business processes. When security is built in from the start, it doesn’t become a burden that has to continually be updated or reworked because new features or threats break the bubble-wrap added after the development phase.

Bring your own IT

Covid-19 was responsible for an extremely fast move to digitalisation among companies, as they suddenly had to enable everyone to work from home in the span of a week. The focus was on communications and IT to make this possible, but security was left until last. The result is a big, remote world of vulnerabilities that security teams had to scramble to secure after the fact, and many are still sorting out.

Olsen says the days of BYOD (bring your own device) are long gone and with remote working it is now more a case of BYOIT (bring your own IT). The network the financial manager pays invoices from is the same one their kids use to access social media and other sites that may not be the safest. The cyber resilient organisation needs to build these risks into its resilience programme from the start or be left chasing its tail as it tries to put out fires (as has happened to many since 2020).

This relates back to asset identification and management. It’s easy to know how many employees the company has or how many cars or buildings, but what about your digital assets? Not only do you have to cater for the ‘official’ digital assets bought – computers, laptops, smartphones, etc. – but also for the devices used by people without the company knowing. And then you include the IoT world where there are billions of devices able to communicate, as well as operational systems that are also connected, and asset identification become a lot more complex.

No single thing

Olsen adds that there is “no single thing” a company can do to be cyber resilient. It’s crucial to understand the whole attack surface, which includes everything from business email compromise (BEC) vulnerabilities to product development and deployment, where speed to market often takes priority over everything else. Moreover, you need a plan (more formally known as an incident response plan).

When hit with some form of cyberattack or major equipment failure, just beating up on the security or IT guys is not constructive (and wastes time needed to recover). The company needs a plan to identify the problem, know who is responsible for that area of the business (responsible in terms of managing the defence and recovery process, not who is to blame) and implement a remediation strategy. This includes IT, HR, PR and even partner and customer relationship managers.

In summing up, Olsen explains that ‘cyber fatigue’ is a real thing, and many companies and security operators are exhausted by putting out fires in one place just to find out there are three more waiting for them to handle over the weekend. He stresses that while technology is part of the solution, buying more technology is not the solution.

Hoping technology makes you cyber resilient is like sticking a plaster (or a Band-Aid for international readers) on a gaping wound. You can keep adding more plasters but eventually they will fail, and you will see that the original wound is still there, but now it’s infected and causing more problems than ever. The CISO needs to understand that cyber resilience means getting to the cause of the problem and dealing with it there, not after a breach.

This can be assisted with automation. Just like false alarms are a curse for physical security companies, control room operators and managers, false cyber alarms are merely diversions that exhaust people and keep your eyes off the serious problems that need attention. With the number of devices that are connected and are going to be connected in the next few years, no organisation will manage the challenge of focusing on what really matters if they don’t have an automated mechanism to sift out the false alarms.

From a BCX perspective, Olsen says that the company operates a security operations centre where it offers the traditional cybersecurity monitoring services (via automated systems and skilled human operators for managed services and responses), but it sees itself as an orchestration point for customer security. It therefore also offers services such as incident response services, CISO-as-a-service, as well as SIEM-as-a-service (security information and event management) and other solutions to help companies that either don’t have the budget for a dedicated cyber resilience enabler or that can’t find the right skills.

The benefit of this approach is that all information is centrally controlled, so that a certain attack on one customer educates everyone on what to look out for to prevent it happening elsewhere – everyone includes the platform itself. Sharing information and learning from each other enables his team members to cross-skill themselves to provide a better all-round service to customers, encompassing IT and OT. A cybersecurity academy is also in the pipeline in the near future.


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Winners of the 2025 Southern Africa OSPAs
Editor's Choice
The winners of the 2025 Southern Africa Outstanding Security Performance Awards (OSPAs) were revealed on Wednesday, 4th June, at Securex South Africa. Winners from all categories (except the Lifetime Achievement) will be featured in the second Global OSPAs set to take place in 2026.

Read more...
Deepfakes and digital trust
Editor's Choice
By securing the video right from the specific camera that captured it, there is no need to prove the chain of custody for the video, you can verify the authenticity at every step.

Read more...
A new generational framework
Editor's Choice Training & Education
Beyond Generation X, and Millennials, Dr Chris Blair discusses the seven decades of technological evolution and the generations they defined, from the 1960’s Mainframe Cohort, to the 2020’s AI Navigators.

Read more...
From the editor's desk: Showtime for Securex
Technews Publishing News & Events
We have once again reached the time of year when the security industry focuses on Securex. This issue includes a short preview, with more coming online and via our special Securex Preview news briefs. ...

Read more...
Back-up securely and restore in seconds
Betatrac Telematic Solutions Editor's Choice Information Security Infrastructure
Betatrac has a solution that enables companies to back-up up to 8 TB of data onto a device and restore it in 30 seconds in an emergency, called Rapid Access Data Recovery (RADR).

Read more...
Key design considerations for a control room
Leaderware Editor's Choice Surveillance Training & Education
If you are designing or upgrading a control room, or even reviewing or auditing an existing control room, there are a number of design factors that one would need to consider.

Read more...
Digitising security solutions with AI and smart integration
Regal Security Distributors SA Technews Publishing Integrated Solutions
The Regal Projects Team’s decades of experience and commitment to integration have brought the digital security guard to life as a trusted force for safer, smarter living.

Read more...
From the editor's desk: We’ve only just begun
Technews Publishing News & Events
The surveillance market has expanded far beyond the analogue days of just recording and/or monitoring screens. The capabilities of surveillance technology today extend to black screen monitoring with ...

Read more...
The future of the surveillance channel
Duxbury Networking Technews Publishing Elvey Security Technologies SMART Security Solutions Surveillance
The video surveillance market has evolved from camera-based specifications to integrated solutions that solve customers’ problems. Moreover, the growth of AI and cloud has changed the channel even more, with more to come.

Read more...
CCTV control room operator job description
Leaderware Editor's Choice Surveillance Training & Education
Control room operators are still critical components of security operations and will remain so for the foreseeable future, despite the advances of AI, which serves as a vital enhancement to the human operator.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.