3 Things geopolitical conflict teaches us about cybersecurity and resilience

The war in Ukraine yielded overnight changes in risk posture for many organizations, especially those in the critical infrastructure sector, triggering disruptions to global operations and supply chains that are just as interconnected and interdependent as we are. In addition to the disruption of services we depend on every day—like oil and gas, food and groceries, energy and utilities, and more—cyberattacks and the weaponization of digital assets are also on the rise, increasing strain on the many IT and operational environments left vulnerable in the wake of the COVID-19 pandemic.

So, what can we, as IT leaders, learn from these events?

#1: There’s no such thing as an impenetrable security strategy

Hackers are getting more skilled, stealthy and disruptive every day. New studies show that today’s cybercriminals can penetrate 93% of company networks, and growth in remote work resulting from the pandemic only increases the risk. While some hackers may be motivated by a cause—like the 400,000+ volunteers who converged on Russian government and banking websites to weaken the attack on Ukraine—most are just looking for big (often multi-million dollar) payouts.

#2: At some point, your enterprise systems will be breached

 As fatalistic as it sounds, letting go of the idea that you can prevent every attack is the first step toward optimizing your ability to recover when every second counts. While we can’t protect ourselves against everything, we can prepare to recover. When you adopt an “assume breach” mindset, you can redirect the time and energy saved toward preparing to mitigate the impact of a breach. Remember, even prize fighters go down once in a while—it’s how quickly you get up again that matters.

 #3: Security without resilience isn’t enough

 One of the most glaring gaps in enterprise security strategies we see today is a lack of resiliency planning. Many companies have security response retainers, allowing them to test policies they have in place and respond in the event of a security incident; however, those retainers can’t help with recovery after a breach.

To fill this gap, we are accelerating the launch of the Kyndryl Recovery Retainer Service to provide our most at-risk, critical infrastructure customers with qualified experts on the ground and technologies for emergency support and recovery operations. As the global situation changes and new threats emerge in real time, we’re working to forge paths forward for our customers, from applying additional controls and monitoring, to identifying anomalous activities and looking at performance data for patterns and hardware failures.

 Security and resilience go hand in hand. Where IT security focuses on keeping attackers out, resilience is everything that happens after those defenses have been breached. And while it isn’t possible to prevent every single attack, a strong resiliency strategy can get you back up and running, minimizing the impact of security breaches, optimizing recovery time, and even mitigating future risk.

The Recovery Retainer Service is available now to select Kyndryl customers, with global availability later this quarter. To learn more about how our Recovery Retainer Service can help you assess your cyber posture and recovery preparedness, please talk to your Kyndryl representative or read the solution brief.

To help customers enhance and complement their existing backup and disaster recovery, we also need partnerships that combine leading technologies and services. For instance, Kyndryl has collaborated with Dell Technologies on a solution that can help minimize the impact of cyber incidents and enable companies to quickly return to normal operations while increasing the likelihood that they can recover critical data.

In a fast-changing world, we are all in this together. It’s time for the business community and policymakers to embrace cyber resilience principles and solutions that enable our institutions to survive and thrive.