In any industry, it’s not uncommon for terms to get conflated. A policy is not a procedure. Compliance is not security. And cybersecurity is not resilience. “In a nutshell, cybersecurity describes a company’s ability to protect against and avoid the increasing threat from cybercrime. Meanwhile, cyber resilience refers to a company’s ability to mitigate damage (damage to systems, processes, and reputation), and carry on once systems or data have been compromised,” explained Forbes contributor Bernard Marr.
As we gear up for RSA Conference 2021 USA with a focus on our theme, Resilience, it’s interesting to see the many ways different organizations define the word. But resilience is not a product. It’s a strategy, and one that you can learn about by catching up on several sessions presented at RSA Conferences in years past.
Let’s look at some other aspects of resilience and other topics that made headlines this week.
Oct. 16: Though the UK’s Information Commissioner’s Office (ICO) had originally intended to fine British Airways £184 million for the 2018 data breach that impacted 400,000 customers, the ICO officially announced that it would be fining the company £20 million, according to TechCrunch.
Oct. 16: In order to establish ethical guidance with regard to adopting artificial intelligence (AI) technologies, the Singapore Computer Society has published the AI Ethics & Governance Body of Knowledge (BoK), a reference guide for businesses.
Oct. 15: Two school districts in Yorktown, NY, were victims of a ransomware attack that resulted in a security breach.
Oct. 15: TikTok has partnered with HackerOne to grow a cybersecurity vulnerability disclosure program, The Hill reported.
Oct. 14: FireEye researchers have been tracking the hacking group FIN11 and reported that the hackers, best known for their use of ransomware and extortion tactics, have expanded their range of targets to include the health care industry, according to CyberScoop.
Oct. 14: Infosecurity magazine reported, “A hacking group is selling access to more than 50,000 hacked home security cameras, including footage of children in various states of undress, it has emerged.”
Oct. 13: Carbonite opined about the ways in which an organization might achieve cyber resilience in a guest blog on Channel Futures, noting, “Cyber resilience is the measure of the organization’s ability to keep the business running and get back to normal quickly after an attack.”
Oct. 12: Advocating for collaboration, EdTech reported on the value of purple teams in higher education, arguing, “Often working side by side, the red and blue teams communicate openly during purple team exercises to improve the blue team’s effectiveness.”
Oct. 12: After suffering a ransomware attack that forced Universal Health Services (UHS) to take many of its systems offline, the company announced, “the UHS IT Network has been restored at Corporate and across all Acute Care hospitals, enabling connections to all major systems and applications, including the Electronic Medical Record (EMR), laboratory and pharmacy.”