Gartner: By 2018, 40 Percent of Large Enterprises Will Have Formal Plans to Address Aggressive Cybersecurity Business Disruption Attacks

by | Feb 25, 2015

Recent Large-Scale Attacks Move Focus from Blocking and Detecting Attacks, to Detecting
and Responding to Attacks

Mumbai, India, February 24, 2015 — Although the frequency of a cybersecurity attack on a large scale is low, by 2018, 40 percent of large enterprises will have formal plans to address aggressive cybersecurity business disruption attacks, up from zero percent in 2015, according to Gartner, Inc. Business disruption attacks require new priority from chief information security officers (CISOs) and business continuity management (BCM) leaders, since aggressive attacks can cause prolonged disruption to internal and external business operations.

“Gartner defines aggressive business disruption attacks as targeted attacks that reach deeply into internal digital business operations with the express purpose of widespread business damage,” said Paul Proctor, vice president and distinguished analyst at Gartner. “Servers may be taken down completely, data may be wiped and digital intellectual property may be released on the Internet by attackers. Victim organizations could be hounded by media inquiries for response and status, and government reaction and statements may increase the visibility and chaos of the attack. Employees may not be able to fully function normally in the workplace for months. These attacks may expose embarrassing internal data via social media channels — and could have a longer media cycle than a breach of credit card or personal data.”

To combat these types of attacks, CISOs must pivot approaches from blocking and detecting attacks, to detecting and responding to attacks.

“Entirely avoiding a compromise in a large complex enterprise is just not possible, so a new emphasis toward detect and respond approaches has been building for several years, as attack patterns and overwhelming evidence support that a compromise will occur,” said Mr. Proctor. “Preventive controls, such as firewalls, antivirus and vulnerability management, should not be the only focus of a mature security program. Balancing investment in detection and response capabilities acknowledges this new reality.”

The rise of ubiquitously connected devices and the Internet of Things (IoT) has expanded the attack surface, and commands increased attention, larger budgets and deeper scrutiny by management. Digital business should not be restricted by these revelations, but emphasis must be placed on addressing technology dependencies and the impact of technology failure on business process and outcomes. Information owners should be made explicitly accountable for protecting their information resources, ensuring they will give due consideration to risks when they commission or develop new digital business solutions.

The expectation that digital business will be a successful consumer business model relies on IoT devices being “always available.” An interruption at any point during the end-to-end transaction process means that business transactions may not be completed, thereby negatively affecting customer allegiance and the revenue stream expected from the digital business offering.

As a result, the standard of due care for security program maturity will increase, with risk, security and BCM leaders getting more pressure and more support from executive boards than ever before. Executive boards have increased their attention on cybersecurity since 2012, but new revelations of business disruption attacks provide a fresh opportunity to build the new business case for cybersecurity investment and institutionalize more-proactive thinking about cybersecurity risks.

“CISOs and chief risk officers (CROs) can and should persuade executives to shift their thinking from traditional approaches toward risk, security and business continuity management. Security is not a technical problem, handled by technical people, buried somewhere in the IT department,” said Mr. Proctor. “Organizations need to start solving tomorrow’s problems now.”

Share This Article!

Brian Pereira
Brian Pereira
Brian Pereira is an Indian journalist and editor based in Mumbai. He founded Digital Creed in 2015. A technology buff, former computer instructor, and software developer, Brian has 29 years of journalism experience (since 1994). Brian is the former Editor of CHIP India, InformationWeek India and CISO Mag. He has served India's leading newspaper groups: The Times of India and The Indian Express. Presently, he serves the Information Security Media Group, as Sr. Director, Editorial. You'll find his most current work on CIO Inc. During his career he wrote (and continues to write) 5000+ technology articles. He conducted more than 450 industry interviews. Brian writes on aviation, drones, cybersecurity, tech startups, cloud, data center, AI/ML/Gen AI, IoT, Blockchain etc. He achieved certifications from the EC-Council (Certified Secure Computer User) and from IBM (Basics of Cloud Computing). Apart from those, he has successfully completed many courses on Content Marketing and Business Writing. He recently achieved a Certificate in Cybersecurity (CC) from the international certification body ISC2. Follow Brian on Twitter (@creed_digital) and LinkedIn. Email Brian at: [email protected]
Recommended Posts
The First 90 Days Are Crucial for the CISO and CIO

This book arms you with insights into crafting a robust 90-day plan, and you’ll be well-equipped to catapult into CIO or CISO roles successfully. Beyond technical proficiency, the book instills survival skills, ensuring longevity and helping you prevent burnout in these pivotal positions.

Similar Articles