Interview: IBM’s Andrea Sayles on the Role of Cyber Resilience

Interview IBMs Andrea Sayles on the Role of Cyber ResilienceAndrea Sayles is the general manager of Business Resiliency Services at IBM. The aim of Business Resiliency Services is to reduce the impact of disruptions to business operations through an orchestrated resilience approach. Resilience has become more popular in the past year as a more comprehensive approach to recovery. With over 40 years of experience at IBM, Sayles provided insight into the role of cyber resilience.

What does cyber resilience offer that traditional recovery doesn’t?

Cyber resilience combines the best practices from IT security, business continuity, disaster recovery and other disciplines to create a business strategy in line with the needs and goals of today’s digital business transformations, specifically focused on cyber-related threats. We’ve found at IBM that traditional recovery is often not capable of handling the variety of cyber threats that we see today, as a client’s data protection (backup) and disaster recovery programs are also targeted or disrupted during a cyber attack and may not be usable during the recovery.

How is the need for cyber resilience informed by the more dynamic role data holds currently?

Cyber resilience is even more important today as we see IBM clients pursuing their digital transformations with things like cloud, AI, IoT, blockchain, and data analytics. All of these innovations are helping organizations interpret critical data to reach new business insights, increasing the dependency on digital business processes, and thus increasing the risk associated with a cyber-related threat. In such a competitive landscape, protecting and recovering data quickly can have a direct impact on achieving business objectives more quickly to minimize any disruption.

How does practicing cyber resilience fit in with the path to digital transformation?

As mentioned above, the two go hand in hand for organizations of all sizes. Digital transformation has become a fact of life in today’s enterprise; without the vision and desire to evolve your business using modern tools, old and new competitors are sure to surpass you in the long run.

However, the accelerated paths to digital transformation that companies are looking for can also lead to more areas of vulnerability. Some areas of business are outsourced to save time and money, and other areas are controlled by multiple vendors. These types of heterogeneous environments require a comprehensive cyber resilience plan that can recover from attacks that come from many different directions. The more an organization is dependent on digital processes for continuous operations, the bigger the impact is of an outage, cyber or otherwise, on that organization.

Using technology like IBM Resiliency Orchestration, clients automate and orchestrate the end to end recovery process specific to their business process to maintain continuous business operations impacted by any outage, cyber or otherwise. IBM Resiliency Orchestration assists clients in the detection of abnormalities within systems configuration and protects data within an immutable and air-gap storage environment. This significantly minimizes the risk of corruption related to a cyber threat by providing “clean” and safe copies of data to validate and recover. This is all orchestrated and automated inside IBM Resiliency Orchestration with dashboards and reports providing clients confidence in their recovery and data protection program by business process, application, database or specific system.

Could you expand a bit on the five components of cyber resilience: Identify, Protect, Detect, Respond, and Recover?

This cyber resilience framework, established by the National Institute of Standard and Technology (NIST), is an essential blueprint to identify, protect, detect, respond and recover from a cyber threat while minimizing the impact on your business. At IBM we use this model to work with our clients on constructing a consistent, comprehensive cyber resilience program for their entire organization.

  • Identifying a cyber resilience plan begins by developing an organizational understanding of the risks that could arise from infrastructure, people, data, and other capabilities. From there, business leaders can determine the best ways to prioritize and orchestrate their cyber resilience efforts to minimize risk and meet their business needs.
  • Protecting your organization from attack requires visibility to spot vulnerabilities and then implement safeguards. Taking steps to disrupt malware, patch systems, and conduct regular maintenance, will go a long way to limit or minimize the impact of an attack.
  • Detecting changes in system or data configuration is one of the core components of Cyber Incident Recovery, our new IBM cyber resilience capability. This is designed to enable quick discovery of abnormalities and locate the affected data or applications. Many hackers can go unnoticed inside your environment for long periods of time, which makes the need for things like advanced analytics that much more important on a constant basis.
  • When cyberattacks reach their target, the response to recover from them has to be swift and comprehensive. Organizations should engage resources like cyber incident responders and secure communications tools to remediate attack damage and kickstart the recovery process.
  • Recovering access to critical data and applications to maintain continuous business operations is the fundamental goal of cyber resilience. If organizations consistently implement this entire framework in response to cyber-related threats, this allows clients to minimize the impacts of a cyber attack and quickly maintain continuous business operations.

Where do you think cyber resilience will go in the future?

In the years ahead, data will continue to increase exponentially, and the ability to deliver new business insights using IoT and AI will be critical for the proliferation of cyber resilience – which will allow an organization to better manage and protect their people, data, and assets.

Follow Tess

Tess Hanna

Editor at Solutions Review
Tess Hanna is an editor and writer at Solutions Review covering Backup and Disaster Recovery. She has a degree in English and Textual Studies from Syracuse University. You can contact her at thanna@solutionsreview.com
Follow Tess