Introduction
Cyber resilience is a term that’s being talked about a lot in the industry right now, and more and more cyber risk owners are recognising that no matter how much they invest in defences, having a strong focus on resilience is essential.
At e2e-assure, we view resilience as the ability to prepare for, respond to, and recover from cyberattacks while keeping disruption to a minimum. It’s not about creating an impenetrable defence, but ensuring your organisation can adapt and thrive even when faced with inevitable breaches.
So, how do you measure your resilience, and what steps can you take to strengthen it? Let’s explore some key insights shared by our founder, Rob Demain, in our recent webinar – ‘Cyber Resilience: Extinguishing Cyber Threats Before They Spread’.
The Growing Challenge of Cyber Complexity
Modern organisations face increasingly complex IT environments. Cloud computing, AI integration, and hybrid working models have transformed operations, but they’ve also introduced layers of complexity that can be challenging to manage.
At the same time, human factors such as errors, technical debt, and reliance on outdated systems create vulnerabilities. These aren’t isolated to one company but extend across supply chains, making organisations susceptible to attacks on external partners. We investigated the importance of keeping employees at the centre of security strategies in our recent research – Futureproofing AI Adoption.
During the webinar, Rob highlighted some of the threats that are common today, including:
- Stolen credentials (including API)
  These include usernames, passwords, and API keys, which are often obtained through data breaches, phishing, or brute-force attacks. API keys are especially valuable as they allow attackers to access applications directly, bypassing traditional user authentication methods.
- MFA (Multi-Factor Authentication)
  One way attackers get around MFA is the adversary-in-the-middle (AiTM) attack, where they insert themselves into the communication between a user and the authentication server. They use this position to intercept MFA tokens or credentials, enabling unauthorised access despite the use of MFA.
- Token theft phishing
  Attackers can target authentication tokens rather than traditional login credentials. These tokens, often used in single sign-on (SSO) and other authentication frameworks, grant access without requiring passwords. By stealing these tokens through phishing campaigns or session hijacking, attackers can impersonate legitimate users and bypass login screens altogether, making them much harder to detect.
In cyber security, the stakes are heightened because of real adversaries – criminal groups, state-sponsored attackers, and opportunists exploiting every weakness. This adversarial dynamic makes resilience a vital strategy.
So, how do you prevent them from impacting your business?
Cyber Resilience: Preparing for the “When,” Not the “If”
Resilience begins with acknowledging that breaches are inevitable. As Rob puts it:
“Cyber resilience is not about creating an impenetrable barrier (contrary to popular belief!). It’s about building systems that adapt, respond, and recover quickly – ultimately making you a tough target. The earlier you can disrupt an attacker’s plans, the less impact they’ll have – and the more costly you make it for them to try again.”
At its core, resilience focuses on three objectives:
- Minimising Disruption
  How quickly can your organisation recover and resume normal operations after an attack? The faster you respond, the less damage is done. By isolating a machine immediately, you give yourself time to investigate, which is ultimately much better than leaving the attacker on your network during that time.
- Early Detection
  Identifying threats early in their lifecycle can prevent them from escalating. Comprehensive logging and robust monitoring set up through Attack Disruption enhance the effectiveness of EDR tooling, enabling organisations not only to detect threats quickly but, most importantly, to respond by isolating machines and preventing the lateral movement of attackers.
- Imposing Costs on Attackers
  By disrupting attacks and making operations difficult for adversaries, you can break their business model. This approach shifts the burden onto attackers, making your organisation a less attractive target. If an attacker needs to start from scratch in order to compromise you again, they are unlikely to attempt it a second time.
Rob’s advice here? Practice, practice, practice:
‘You want to get to the point where you can do this like it’s muscle memory with minimum disruption. You can recover and restore and get back to business quickly if you continue to simulate these attacks in an exercise format and constantly test how your organisation will respond.’
Measuring and Strengthening Resilience
To evaluate your organisation’s resilience, ask yourself:
- How quickly can you detect and respond to a breach?
- Are your critical operations designed to continue with minimal disruption during an incident?
- Do your defences impose enough cost and complexity on attackers to deter them?
Tools like the Pyramid of Pain can help you assess these factors, highlighting areas for improvement.
At e2e-assure, we work alongside organisations to enhance their resilience. From refining response times to implementing attack disruption measures, our goal is to help you stay ahead of evolving threats.
Actionable Steps for Organisations
To bolster your resilience, consider the following:
- Implement 24/7 capabilities to ensure threats are detected and neutralised in real time. A Managed SOC may be of interest if outsourcing is an option for your organisation.
- Continuously test and improve your defences, practising responses to build confidence and competence.
- Invest in cyber hygiene by enforcing strong multi-factor authentication, timely patching, and comprehensive logging. Cyber hygiene is tricky to implement, but essential regardless of company size. If you’re starting off in your cyber journey, we recommend Cyber Essentials to get your provisions set up in the first instance.
- Use recognised scoring systems, like Microsoft Secure Score, to assess your current security posture and use this as a measure of your cyber hygiene.
- Partner with specialists like e2e-assure to gain tailored guidance for your unique organisation and utilise your existing human resources and technology to improve your investments and processes.
Your Next Step: Get prepared for 2025
Our latest research, Cyber Resilience 2025: Futureproofing AI Adoption, explores the key trends heading into the new year including how to tackle emerging challenges with smarter policies, secure AI strategies, and a focus on employee diligence.
Although organisations are feeling more confident in their resilience than last year, the findings show it’s vital for cyber risk owners to start looking at their resilience picture from the ground up.
You can watch the recording of the live session via LinkedIn.