With the effects of the pandemic waning, most businesses are looking to shift back into the office. The world is back on its path to becoming increasingly digitized. Continuous innovation is paving the way to an increased digital footprint globally. Across Europe, a wave of enterprises is now undergoing digital transformation and is on the way to recognizing its long-term value. However, this also means cybercriminals have increased opportunities for causing chaos and disruption, a source of concern for boards and top leadership.
In fact, attackers seem to be winning the race despite continuously increased investments in cybersecurity. Per the ENISA Threat Landscape 2024 report, availability attacks, ransomware, and data breaches continue to dominate Europe’s cybersecurity threat landscape. Ransomware incidents have surged, accounting for 24% of the total incidents reported, with attackers increasingly targeting critical infrastructure and financial services across the EU.
According to CrowdStrike, attackers move faster within the enterprise after an initial breach. The average breakout time, the time it takes to reach patient 1 after patient 0 (the typical indicator of lateral movement), has fallen from 84 minutes to 62 minutes in the last year.
Unlike before, European businesses must now build a stronger cyber defense strategy to anticipate, model, defend, withstand, and recover from cyberattacks. Most organizations suffer from decision freeze during the crucial initial moments of a cyberattack. This gives attackers a larger window to access critical systems and data. Organizations need to limit an attack from spreading laterally while keeping critical business operations running, so that they remain operationally resilient. Regulatory focus on operational resilience has been around for a long time, but now it is imperative to ensure the operations of the digital business.
Enter DORA – The Digital Operational Resilience Act
Regulatory authorities are treating this as a matter of priority across all EU member states. They formally adopted DORA in November 2022; it establishes the expectations for the ICT capabilities of financial entities and their supply chain. EU-based financial entities and third-party ICT service providers have until January 17, 2025, to comply with DORA before enforcement starts.
Notably, DORA applies to some entities typically excluded from financial regulations. For example, third-party service providers that supply financial firms with ICT systems and services—like cloud service providers and data centers—must follow DORA requirements. DORA also covers firms that provide critical third-party information services, such as credit rating services and data analytics providers.
DORA makes an entity’s management body, including Board members and executive leaders, accountable. They are expected to define appropriate risk management strategies, actively assist in executing them, and stay current on their knowledge of the ICT risk landscape. Leaders will also be held personally accountable for an entity’s failure to comply.
To comply, entities would be expected to understand the impact of the unavailability of critical digital operations. Business leaders need to know how secure their digital operations are, whether their security investments can defend against potential cyberattacks, and whether their operations can continue to thrive when faced with digital disruptions.
DORA addresses comprehensive risk management across industries while harmonizing existing cybersecurity regulations for EU member states. It establishes a comprehensive approach to ICT risk management within the financial services sector. Under DORA, covered entities must develop robust ICT risk management frameworks, conduct continuous risk assessments, and diligently document cyber threats and incident response protocols. Moreover, adherence to stringent reporting requirements and the execution of digital operational resilience testing are integral facets of DORA compliance.
Being Breach Ready: From Cyber Security to Cyber Defense to Digital Resilience
In an era characterized by escalating cyber threats and heightened interconnectivity, the importance of digital resilience cannot be overstated. Traditional perimeter cybersecurity measures, such as MFA, firewalls, and EDR, are essential but often fail to provide complete protection against sophisticated threats.
Security teams should assume that every cyberattack will result in a breach. As a result, businesses should proactively prepare with a digital resilience strategy rooted in the Zero Trust security model. This way, organizations are in control and can reduce the impact of a breach by over 90%. Removing implicit trust and access permissions to prevent lateral movement will keep the enterprise well-protected, even if the perimeter defense is penetrated.
We Can Help You Achieve Breach Readiness and Operational Resilience
ColorTokens’ approach to microsegmentation is a foundational method to achieve this. It provides more granular controls on network traffic than traditional VLAN segmentation, so malware and ransomware cannot spread after an initial compromise. It is more agile and can respond to a compromise with templatized policies invoked dynamically to isolate critical business processes and quarantine compromised systems. It is pervasive, providing a centralized policy decision point that controls multiple policy enforcement points covering data center servers, cloud workloads, user endpoints, containerized microservice applications, Internet-of-Things devices, operational technology, and even legacy operating systems.
DORA is One More Reason Why the Time for Digital Resilience is Now
It is essential to elevate the focus from cybersecurity, where everyone is engaged in protecting assets, to digital resilience, where all elements of a business operation (business owners, digital asset owners, ICT suppliers, service providers, and the cybersecurity teams) collectively ensure that the business thrives even when faced with disruption.
The first step for boards and top management is to concentrate on being breach ready. It is paramount to prevent gaps in IT and cybersecurity operations (read: unmanaged patches, configuration errors, etc.) from moving the dial from incidents to breaches to business crises. The convergence of escalating cyber threats and regulatory imperatives underscores this need for fortified digital operations and proactive cyber defense. By adhering to regulatory frameworks such as DORA and adopting innovative security solutions, organizations can navigate the evolving threat landscape with confidence, ensuring operational resilience and business continuity in the face of cyber adversity.