Cyber resiliency is the key to being able to resist and repel cyber threats, defeating them before they have a chance to impact your business. If you understand potential threats and can measure their potential to harm your organization, you will be better prepared to combat these, defeating them before they do you harm.
The Cloud Security Alliance (CSA), a global organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, has announced the release of Improving Metrics in Cyber Resiliency. Developed by a group of subject matter experts within the CSA community, the new white paper is designed to help enterprises develop metrics and processes to measure threats before they become cyberattacks and recover functionality lost in the wake of those attacks.
The paper also introduces two key metrics—Elapsed Time to Identify Failure (ETIF) and Elapsed Time to Identify Threat (ETIT)—and proposes that the responsibility for measuring and reporting each be transferred from companies whose systems encounter cyberattacks to those in the Intrusion Detection System (IDS) space. By doing so, researchers suggest that it would encourage the development of superior algorithms that are needed to detect anomalies and improve cyber resiliency. According to the Ponemon Institute, the average cost of a data breach for a U.S. company is in the neighborhood of $5.4 million and in 2014, in the U.S. alone, spending on cybersecurity reached more than $70 billion.
“It is our hope that this report will initiate discussion and eventually encourage competition within the intrusion detection system space,” said Dr. Senthil Arul, lead author of the document. “As more companies are storing operation assets away from local servers, it’s clear that we need to bolster asset resiliency in the cloud if we are to keep operational resiliency unaffected.”
Companies and individuals interested in supporting cyber resiliency as a CSA area of interest can contact research@cloudsecurityalliance.org for more information.
Source: PR Newswire
Summary:
Measure Cyber Threats Before They Become Cyber Attacks
Cyber resiliency is the key to being able to resist and repel cyber threats, defeating them before they have a chance to impact your business. If you understand potential threats and can measure their potential to harm your organization, you will be better prepared to combat these, defeating them before they do you harm.
