Helping you with the resilience conversation

The key steps to implementing security resilience

Security resilience is about evolving fundamental principles in your strategy:

Preventing threats is what security used to be all about. But that reality becomes more difficult when there are on average 70 new CVEs (Common Vulnerabilities and Exposures) being released into the wild every single day, which is the case in 2022.

Watch this episode of ThreatWise TV to learn more about the vulnerabilities which have higher rates of exploitation:

Organizations are now looking to shift away from stand-alone security. A siloed security strategy that is only focused on threat prevention, and treats all alerts and threats equally, is not only inefficient – it wears defenders out. We can’t prevent everything, so we must prevent what will affect us most from a security standpoint.

That’s where a detection, response and recovery strategy comes into play. This strategy is underpinned by risk-based contextual analysis (i.e., exactly how concerned do we need to be with this new vulnerability?) and continuous trust assessment.

For your defenders running daily analysis, this is crucial to help them move from the overwhelming environments that often stem from alert fatigue.

Dealing with the latest headline threats is reactive, exhaustive, and is a large component as to why burnout is so prevalent in security. Context-centric security is a key factor to moving away from this.

Dealing with the latest headline threats is reactive, exhaustive, and is a large component as to why burnout is so prevalent in security. Context-centric security is a key factor to moving away from this.

How to approach resilience across the organization

Here, we’ve broken the organization down into four key areas,
and the impact security resilience can have:

How organizations have strengthened their operational resilience

If there's a disruption in your operations, how do you limit
that impact?

People are continuing to work from wherever. How do we make sure they have secure access to the things they need and have great experiences in doing so, while security stays out of their way?

How organizations have stepped up their organizational resilience

How do you constantly
improve your security resilience?

Case study with the NFL [National Football League]

February 13th, 2022. The biggest day in the NFL football calendar: Super Bowl.

The size and scope of Super Bowl LVI is undeniable. Well over 100 million viewers around the world, 70,000+ fans in SoFi Stadium, media from across the globe, a historic half-time musical performance, and two teams competing to be named Super Bowl LVI champions.

The resilience strategy for this event involved a strong partnership between Cisco, and the NFL’s technology teams.

Of course, there are some big challenges behind such a massive network deployment, which Cisco and the NFL needed to work through together. Our aim was to create an end-to-end Cisco plan for SoFi Stadium that would not only withstand the enormous pressures an event like the Super Bowl brings, but also ensure the fan experience was seamless and catered to their needs. 

Through consistent conversations about building resilience, Cisco helped the NFL deliver to its fans.

"We dramatically upgraded the capabilities of the network. We hyperconverged storage and the compute block, which had never been done in a building like this. Today we have 120 virtual machines that run every single operational technology application in the building as well as a few enterprise technology applications. At the same time, we dramatically upgraded the manageability and the security envelope of our network. What this all translates to is we have time to pay attention to the things that we should be paying attention to: customer experiences."

Skarpi Hedinsson, CTO of SoFi Stadium and Hollywood Park

On the security front, Cisco partnered with Tomás Maldonado, NFL Chief Information Security Officer, and his team. On a recent Security Stories podcast, Tomas talked about what success looked like, before the Super Bowl:

"For Super Bowl LVI to be a success, we required high levels of network availability, security, and business resilience. But defining success for me, was not only being successful on game day. It's also that ongoing relationship. Having constant dialogue and continuing to build on what we've implemented. And continuing to use the technology, enriching the controls and the information that we're getting. Cisco knows and understands our roadmap for the next three years."

Tomás Maldonado, NFL Chief Information Security Officer

Listen to Tomás Maldonado, NFL Chief Information Security Officer, and Brad Garnett, Director of Cisco Talos Incident Response, discuss exactly how the NFL and Cisco came together to secure Super Bowl LVI, in this Security Stories podcast interview:

The key to resilience is ensuring that security underpins the growth requirements of the organization.

The key to resilience is ensuring that security underpins the growth requirements of the organization. Allowing your strategy to deal with the unknown 10%, so you can adapt, overcome, and emerge stronger.

The NFL is also working with Cisco to build a repeatable and portable security platform and playbook for future League events. This will enable the NFL to deploy secure and resilient enterprise networks quickly and effortlessly for its high-profile events going forward.