?

Cyber Resiliency


Disaster recovery (DR) solutions can get organizations back on track when a cyber attack hits production systems. But what happens when DR systems are compromised? 


It's a worst-case scenario but an increasingly common one. More cyber attacks are being designed to silently corrupt backup data. Once these attacks are activated, organizations have no way to restore good backup data in time to meet SLAs.


Cyber resiliency goes beyond DR and business continuity (BC) solutions. By programmatically testing the integrity of backup data and isolating its flow, organizations can recover when DR and BC systems are compromised.

WWT's cybersecurity practice applies a methodology that gives organizations the business acumen, customized architectures and operational discipline they need to recover from catastrophic cyber events. 

 

Identify and align to business requirements

Because cyber resilience defends against corporate-wide attacks, it's critical to understand where the business holds the most risk. CISOs need to understand board-level objectives and concerns. CEOs, COOs and CFOs need to understand the business value of cyber resilience. 

We help CISO organizations:

  • Document the resilience drivers for their organization.
  • Identify gaps in their resilience program by assessing their current resilience posture.
  • Establish a board-approved, organizational resilience program delivery model that includes program management, management discipline scope, risk identification and management, and a governance and accountability framework.
  • Map financial and reputation damage to distinct lines of business and critical systems.

Develop a governance model

While DR and BC solutions reside within IT, cyber resilience starts at the CISO organization. This means incorporating a governance model that encompasses business, architecture and operations.

We help CISO organizations:

  • Compile and summarize information about the overall maturity level of an information security program using a comprehensive scoring matrix.
  • Understand how integrating governance, risk and compliance processes can reduce costs and mitigate or reduce risk.
  • Define a roadmap that recommends specific programs, architectures and technologies to achieve best practices and/or prescriptive regulatory compliance guidance.
  • Evaluate enterprise security posture and compliance against internationally accepted information security frameworks or regulations.

Apply automation

Meeting mandated recovery point and recovery time objectives during a catastrophic cyber event requires automating multiple systems across the enterprise. We find that relying on a single vendor's solution is cost prohibitive as too many existing investments must be ripped and replaced due to their interdependence. 

We help CISO organizations:

  • Build a zone-based, cyber resilient architecture around existing technology investments.
  • Automate across different technology domain based on the fastest path to recovery.
  • Validate proposed architectures by rapidly conducting proofs of concept.
  • Implement technology.

Establish a testing framework

Continuously validating backup recovery is key to cyber resiliency. Organizations must establish an automated CI/CD pipeline for testing, but they also must train personnel for when a catastrophic cyber event occurs. 

We help CISO organizations:

  • Validate the integrity of backup data.
  • Conduct tabletop exercises to account for the human response to a catastrophic cyber event.
  • Build playbooks for different types of attacks that can cause corporate-wide outages.
  • Access a complete portfolio of Cyber Lab Services to reduce the cost, time and risk that comes with security technology evaluation and testing.