Five tips to increase your organization's cyber resilience

Published on 15/04/2022 in Tech, tips & tricks

Cyber resilience - the ability to act quickly in the event of a cybersecurity incident - is considered a critical requirement for business continuity. These five tips are indispensable for any organization.

Five tips to increase your organization's cyber resilience

1. Make sure your organization is properly protected

Prevention is always better than cure, also in cybersecurity. Using state-of-the-art security means you stop as many attacks as possible. Reduce your attack surface through zero-trust principles application. Preventive measures do not provide total protection against hacking, but they remain the best way to reduce the number of incidents. Security is only as strong as the weakest link, so remember to involve your users in your organization's security!

2. Make backups that are isolated from the network

Attackers that want to harm your organization try to disable your important information, applications and production systems. For example by using ransomware. When that happens, they also target the backups of that information, applications and systems. It is therefore important to provide regular backups that are disconnected from the network, for example on tapes, or use immutable backups or snapshots so that you can always restore your crucial data.

Wouter Vandenbussche, Product Owner Cybersecurity at Proximus, on how to prevent cyber threats and reduce their impact.

Read the tips

3. Monitor your security environment 24/7 and discover incidents quickly

To limit the impact of a successful cyber attack, it is necessary to detect such an attack quickly. That requires continuous monitoring of your security environment that quickly analyzes suspicious situations. This, in turn, allows your organization to act quickly when an incident occurs, thus minimizing damage.

4. Apply automated quarantine, especially in the case of ransomware

When using Endpoint Detection and Response (EDR) or Security, Orchestration, Automation and Response (SOAR) solutions, responses to an incident are automated. As soon as such a solution detects suspicious activity, like file encryption, it can automatically quarantine the workstation or server. This prevents other systems from being contaminated. Firewall ports can be closed automatically to prevent further damage to your business. Once the threat has been resolved, the system can be taken out of isolation again.

5. Provide tools and processes that enable rapid recovery

When there is an incident, you need to be able to act quickly. That is why preparing a plan with all the actions needed to reduce the impact of an attack and ensure continuity of operations is a good idea. It is best to test such a plan regularly using a cybersecurity ‘fire drill’. That way, you can check whether your backups can be restored, whether the failover of your redundant systems works, etc. Having a contract with a Cybersecurity Incident Response Team (CSIRT) can be useful if you do not have enough in-house expertise to handle an incident yourself.

Do you have concerns about your organization's cybersecurity? Talk to one of our experts.

Contact our expert Opens a new window


One magazine is the Proximus B2B magazine for CIOs and IT professionals in large and medium-sized organisations.

Other articles of One