Cybersecurity vs cyber resilience – what is the difference?
Posted on October 11, 2023 by Louise Howland
Cybersecurity and cyber resilience may sound very similar, but they are actually very different. Cybersecurity focuses on technical measures, like anti-virus software, whereas resilience looks at your preparedness from a people and a company standpoint. Cybersecurity is very binary, it’s either there or it isn’t, whereas cyber resilience is about using those cybersecurity tools plus a combination of other factors, to keep a company secure.
What is cybersecurity?
Cybersecurity is the act of protecting and defending against incoming threats. If we were to use the analogy of a house, cybersecurity would be the equivalent of installing locks and CCTV. Cybersecurity can involve both practical measures, such as installing anti-virus software, but also keeping devices up to date, and, most importantly, training and assisting your staff with effective cybersecurity awareness. After all, a business’s human firewall is one of the greatest assets your company can have.
What is cyber resilience?
Cyber resilience is your company’s ability to mitigate damage after a cyber-attack. If we go back to the house analogy, cyber resilience would be your ability to remember to lock the doors and maintain the CCTV.
Cyber resilience involves more than cybersecurity. With cybersecurity, either something is secure or it isn’t. On the other hand, with cyber resilience, there are multiple factors to be considered, such as threat identification or having a recovery plan in place. The National Cyber Security Council (NCSC) use a four-step approach to cyber resilience:
- Prepare: Accept that you will be a victim of a cyber-attack and create plans for if this does happen.
- Absorb: When you are attacked, your company should be able to absorb the issue and retain business critical functions thanks to careful preparation.
- Recover: After the attack, your business should be able to recover well, without making the cyber-attack worse.
- Adapt: Systems, like the applications your teams use every day, need to be able to adapt to the changing world of cyber-attacks. And it’s not just your software either, your company needs to be able to flex around the risks and become familiar with them.
So, what is the difference between cybersecurity and cyber resilience?
Continuing our analogy of the house, cybersecurity is about making things definitively secure. Locks on doors, CCTV systems and burglar alarms, do make your house safer. Similarly with your devices, antivirus software, using multifactor authentication (MFA) and regular device updates, will make your device safer.
On the other hand, cyber resilience is equivalent to remembering to lock the doors and having a security company monitoring your CCTV and burglar alarm. Cyber resilience is more than just a binary “it is or it isn’t secure.” Instead, cyber resilience is about ongoing preparedness for a cyber attack. It’s your company’s long-term approach to cybersecurity training and prevention.
Which is more important: cybersecurity or cyber resilience?
The truthful answer is neither is more important, cybersecurity and cyber resilience are both as important as the other. You may have fantastic anti-virus software, but if you don’t respond to any of the threats that it alerts you to, it reduces the effectiveness of the antivirus software.
Cybersecurity measures, combined with regular and efficient cyber resilience practices, are the best route for businesses.
How can you bring cyber resilience into the workplace?
Cyber resilience can be bought into the workplace through ongoing support and preparedness, these could include:
- Phishing tests. Phishing tests are randomised tests that appear to be legitimate emails but when they are clicked they enrol the user in mandatory training. As these emails mimic what real phishing emails could be, the tests offer a real insight into where information is missing.
- Air-gapped backups. An air gap in backups means that the backups cannot be accessed through the main network at all. This means that if your data is compromised, your backups are safe.
- Threat identification software. Utilising a service like secure+ helps to understand potential threats and put in measures to stop them sooner rather than later.
- Business continuity plan. It’s worth asking yourself the following questions and recording the details in your continuity plan:
- If you have a cyber-attack and all your systems go down, do you have a plan of what you’ll need to do?
- How will you communicate to your staff that they won’t be able to work?
- Have you got a method of communication with your customers in the event of an emergency?
Do you know how cyber resilient you are?
As we’ve shown, cyber resilience isn’t just one small thing, it’s a large group of actions that need to be continuously worked on. That’s where ramsac’s cyber resilience certification comes in. We help you understand where your company currently is and what you could be doing to increase your cyber resilience. Watch the video below to learn more about our certification, or read what it offers you here.