For me, there are four key parts of what makes a company resilient. The most important thing is to invest in your people – protect their mental health, first and foremost. Security is an industry notorious for people being overworked and burned out. Make sure you have the right people in the right places. Invest in their training so they know your environment and technology and are ready to respond and protect it.
The second important thing is to align your business continuity and disaster recovery (BCDR) plans with your incident response plan. Doing this will mean recovery plans for your company are driven by your critical business needs. This alignment should result in knowing where your key assets are, what other systems they communicate with, and how they operate in your network.
The third strand is finding the easy wins that provide the maximum benefit for your organization when building your cyber defense strategy. These are things like multi-factor authentication (MFA), VPN, logging your passive DNS, and having response retainers in place – all things that most companies can put into place fairly easily.
Another example would be to consider having a direct security role reporting to your CEO or board and making sure that your board is educated on the risks happening in the world in terms of cybersecurity. That’s important not only because they’re funding your investments, but also because they need to understand what the risks are to the company.
The fourth and last part of the puzzle is to know your external risks. What are your risks from third parties and the supply chain? It's also important to have situational awareness of the world. Events that are happening in the news, while perhaps not directly cyber-related, will have an impact on what you're protecting against.