Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

True cyber resilience is a business enabler

Issue 4 2023 Security Services & Risk Management, Information Security


Patrick Evans.

“Cyber resilience is about much more than just cybersecurity. It’s about preventing operational disruptions of all kinds that may impact your profitability, productivity, and reputation,” says Patrick Evans, CEO of SLVA Cybersecurity.

South Africans are renowned for their resilience when facing a multitude of problems – from the high cost of living to rolling blackouts. However, the resilience of the average South African citizen is not always matched by the resilience of the businesses they run.

Your business – small or an enterprise – needs to be able to deal with things like power disruptions, unpredictable weather or civil disobedience, and for these you should have plans and contingencies ready, designed to cater for such disruptions. So when organisations are ‘secure by design’, they are more than just cyber secure, they are cyber resilient.

A resilience mindset

The problem is that too often, board members think of cyber as mainly a compliance scenario, rather than an enabler of the business. Moreover, while companies today often have a chief information security officer (CISO), they seldom receive the privilege of being part of the C-suite, and typically report to the CIO.

The reality is that cyber resilience requires a shift in the mindset and culture of the organisation. The first shift is that one needs to work from the assumption that your business operations will be interrupted at some point due to a cyberattack. This change in mindset is required by business leaders and executives, who need to start thinking about what resilient measures they can put in place across the company’s people, processes, and technology.

Until the board accepts that cybersecurity can serve as a business enabler, they won’t achieve this mind shift. And the reason it is an enabler is simple: a cyberattack will inevitably create operational disruption, which in turn impacts profitability, productivity, and even your company’s reputation in the market.

If you are a national or international business, the impact of such a disruption may be measured in millions of rands. To prevent this, business leaders have to engage in careful planning to ensure their organisations are able to withstand whatever the world throws at them.

A holistic, robust programme

Implementing a cyber resilience programme is imperative because cyber is more than IT, it is something that literally touches every part of your business. A robust programme will help you to understand which are your critical environments, the benefits they bring to the business, and the risk they pose to the company should they fail.

Such a programme views the business holistically, so for example you may need to make sure your supply chain is resilient, and that everybody you're dealing with – whether they're online or not – has the same, or similar, measures in place. You should come at this from a risk management point of view, seeking to understand the business risk first, before worrying about the cyber risk.

Of course, in order to help make the business more resilient, it is crucial that the right behaviour is inculcated in employees: How should they react in the event of a disaster? Does everybody know what the playbook looks like? How do they know what they need to do?

The question, then, is how to implement true cyber resilience. Part of the answer is to use a methodology that begins with communicating to everybody what the business is doing. You need to discover the current state of things and analyse those findings accordingly.

You also need to understand what your business-critical data and business-critical processes are. In other words, which applications are crucial to business operations. A good example is that your business may run SAP, but you still need to understand which aspects of SAP are the most critical to keep operational in a disaster.

Plan for change

Then you need to ensure that all the people that need to know the details and play a part in the plan are empowered to do that. Lastly, you need to continuously test and update the plan, because businesses aren't static, they change continuously.

Of course, being able to anticipate cyberattacks remains a key aspect of staying resilient, and there are mechanisms available to help businesses understand whether they're going to be targeted or not.

Ultimately, the best way to build cyber resilience is to first make sure that everybody understands what the business objectives are. From there, you build backwards from these objectives, determining the risks inherent in the objectives, and crafting a cybersecurity plan that has technology resilience built into it – by ensuring that the business priorities align with your people, processes and technologies and that the plan aligns to, and supports, the business effectively.

We call this secure by design.

Find out more at www.slva-cs.com




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Data resilience at VeeamON
Technews Publishing SMART Security Solutions Infrastructure Information Security
SMART Security Solutions attended the VeeamON Tour in Johannesburg in August to learn more about data resilience and Veeam’s initiatives to enhance data protection, both on-site and in the cloud.

Read more...
The role of drones in farm protection
Agriculture (Industry) Security Services & Risk Management
Laurence Palmer reminds us of the role drones play in agricultural security and offers a free security risk assessment template for downloading (link at the end of the article).

Read more...
SMART Surveillance Conference in Johannesburg
Arteco Global Africa Technews Publishing SMART Security Solutions Axis Communications SA neaMetrics Editor's Choice Surveillance Security Services & Risk Management Logistics (Industry) AI & Data Analytics
SMART Security Solutions hosted its annual SMART Surveillance Conference in Johannesburg in July, welcoming several guests, sponsors, and speakers for an informative and enjoyable day examining the evolution of the surveillance market.

Read more...
Secure data protection without hardware lock-in
Infrastructure Information Security News & Events
New Veeam Software Appliance empowers IT teams to achieve instant protection with Veeam’s fully preconfigured, software-only appliance, delivering enterprise-ready simplified deployment and operational efficiency, robust cyber resilience.

Read more...
Your Wi-Fi router is about to start watching you
News & Events Surveillance Security Services & Risk Management
Advanced algorithms are able to analyse your Wi-Fi signals and create a representation of your movements, turning your home's Wi-Fi into a motion detection and personal identification system.

Read more...
The growing role of hybrid backup
Infrastructure Information Security
As Africa’s digital economy rapidly grows, businesses across the continent are facing the challenge of securing data in an environment characterised by evolving cyberthreats, unreliable connectivity and diverse regulatory frameworks.

Read more...
Choicejacking bypasses smartphone charging security
News & Events Information Security
Choicejacking is a new cyberthreat that bypasses smartphone charging security defences to confirm, without the victim’s input or consent, that the victim wishes to connect in data-transfer mode.

Read more...
Most wanted malware
News & Events Information Security
Check Point Software Technologies unveiled its Global Threat Index for June 2025, highlighting a surge in new and evolving threats. Eight African countries are among the most targeted as malware leaders AsyncRAT and FakeUpdates expand.

Read more...
SMARTpod talks to Sophos and Phishield
SMART Security Solutions Technews Publishing Sophos Videos Information Security News & Events
SMARTpod recently spoke with Pieter Nel, Sales Director for SADC at Sophos, and Sarel Lamprecht, MD at Phishield, about ransomware and their new cyber insurance partnership.

Read more...
Cybersecurity and insurance partnership for sub-Saharan Africa
Sophos News & Events Information Security Security Services & Risk Management
Sophos and Phishield Announce first-of-its-kind cybersecurity and insurance partnership for sub-Saharan Africa. The SMARTpod podcast, discussing the deal and the state of ransomware in South Africa and globally, is now also available.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.