Select your country

BelgiumBelgium

ChinaChina

DenmarkDenmark

FranceFrance

GermanyGermany

GlobalGlobal

Maghreb & West AfricaMaghreb & West Africa

NetherlandsNetherlands

NorwayNorway

South AfricaSouth Africa

SwedenSweden

SwitzerlandSwitzerland

United KingdomUnited Kingdom

Not finding what you are looking for, select your country from our regional selector:

Search

  1. United Kingdom
  2. Insights
  3. Blog
  4. Cybersecurity
  5. Navigating the complex landscape of cybersecurity and cyber resilience

Navigating the complex landscape of cybersecurity and cyber resilience

Share

In an era where digitalisation covers most aspects of our lives, cybersecurity emerges as an overriding concern. While prevention is a key part of the puzzle, resilience is just as critical, especially as many businesses are now playing a waiting game: it’s not if they get hit, but when. This sentiment was echoed by the Cy-Xplorer 2024, which reported that the number of Cyber Extortion victims grew by a record 77% over the past year.

Ensuring solid cyber resilience moves the conversation from how hard you get hit to how hard you can get hit and keep moving forward. In an era where business waits for no one, getting back up and running as quickly as possible is critical.

With help from our partners at Wiz, Netskope, and Nozomi Networks, we took the time to explore cyber resilience in relation to the cloud, networking, and IT/OT at the Orange Cyberdefense Summit 2024.

Cloud complexities  

Steven Alsop, solutions engineer at Wiz, kicked us off with the biggest cloud security challenge facing businesses: the need to understand that the cloud isn’t inherently secure. Not only is cloud infrastructure constantly changing, but it requires different security checks compared to an on-premise environment.

While he acknowledged that cloud compliance is hard – especially at pace – Steven suggested bringing cloud and security teams together is a good place to start. This can help ensure that the cloud environment is secure and stays secure. The latter is especially important as the cloud software supply chain is large and always evolving.

Shifting network traffic

According to Netskope, more than half of user egress traffic involves applications and cloud services. As this trend continues, businesses need to adapt to ensure their networks are always secure and available. Rich Beckett, solutions & strategy office EMEA at Netskope, explored the challenge of businesses being able to plan their own transformations but not having complete control over the users on their networks.

He spoke about the number of business and personal apps he checked on his phone 30 minutes after waking up as an example of the blurred boundaries between work and life. This can make monitoring network traffic difficult for businesses as it makes it hard to identify the traffic they need control over. Rich used Zero Trust – a framework that ensures only authorised users can access the network or a specific application – as an example of a solution that can help solve this problem.

Collaboration also needs to be an important part of this discussion, said Rich. Democratising security by bringing network engineers and developers together to create self-service solutions is hugely valuable, as is encouraging network and security teams to work collaboratively to make availability and ease of use a priority without compromising security.

IT/OT convergence  

Oliver Feiler, senior director of partner sales for global strategic alliances at Nozomi Networks, said the convergence of IT and OT environments creates unique compliance challenges regarding visibility and the application of security policies. While IT priorities typically concern data integrity, OT is more about resilience and continuity.

Oliver explained the vast difference between cyber incidents in IT and OT networks. You can’t quarantine an OT network like you would an infected IT network. This could shut down an energy grid, transport network, or production line, which would have serious consequences.

Many businesses struggle with IT/OT convergence because they lack knowledge of OT environments. However, they can turn to a Managed Security Services Provider (MSSP) or expert Security Operations Centre (SOC) team to plug that gap and provide a single pane of glass to ensure constant security and compliance.

Charting a course for compliance

With these complexities in mind, it’s clear that compliance needs to be at the top of businesses’ agendas as they start planning for next year. Rather than a burden, it should be seen as an opportunity for IT and security teams to drive real change in security. By ensuring it’s not just an add-on, businesses can achieve continuous compliance and assess risk dynamically, setting them up for success.

Learn more about how Orange Cyberdefense can support your compliance journey here.

Incident Response Hotline

Facing cyber incidents right now?

Contact our 24/7/365 world wide service incident response hotline!