Jun 13 2024

Bolster Cyberdefenses with Tech, Policies and Cultural Changes

There’s more to security than breach prevention. These companies know what it means to be cyber resilient.

It’s the thought that keeps even the most experienced IT leaders up at night.

“As a business, there’s no way to stop every cyberattack, even with the best preventive efforts,” says Scott Moser, CISO at Sabre. “How are you going to detect when an attack happens, and what are you going to do in response?”

A software provider to the travel industry, Sabre ramped up prevention several years ago when it turned to Mimecast to improve its employee cybersecurity awareness training. The program uses comedy to make cyber education “more interesting,” Moser says. About once per month, employees watch a two- to three-minute video featuring professional actors playing characters such as Sound Judgment and Human Error. When the video is finished, they answer a question to check their understanding of the content, and then they find out if they got it right or wrong — all in a way that’s meant to make them laugh.

Click the banner below to learn why cyber resilience is essential to enterprise success.

“Most educational programs aren’t fun,” Moser says, “but the way they do it, our people look forward to it. And because they enjoy it, they remember what they learn.”

He adds that awareness training at Sabre is just one part of a three-pronged approach to building cyber resilience. The company relies on a wide range of solutions and processes for threat detection, protection and containment.

“Resilience is having a strategy that allows us to continue to operate and support business services as we deal with the threats we know are coming,” Moser says. “It’s ensuring that we can always move forward, no matter what the attackers throw at us.”

What to Know About Cyber Resilience

Given the frequency of cyberattacks, and considering how often bad actors are successful, it should come as no surprise that many IT leaders are developing resilience strategies similar to Sabre’s.

According to a report by the Identity Theft Resource Center, of the 3,122 data breaches at U.S. organizations in 2023, 75 percent were a result of cyberattacks. Overall, the ITRC found, there were
72 percent more data compromises last year than the previous all-time high reported in 2021.

This upward trend has led many companies to embrace tools and resources that not only fight the latest threats but ensure business continuity in a worst-case scenario.

Scott Moser, Sabre


“Resilience is a term that’s really come into vogue only relatively recently,” notes Jeff Reich, executive director of the Identity Defined Security Alliance. It used to be that most companies would focus on either prevention or incident response, he explains. “It was all about prevention until something happened, and then you’d respond, but it was often too late.”

Companies that are cyber resilient use monitoring to detect when their preventive efforts fail and are constantly testing and updating their response plans, Reich says. “You’re trying to reduce the gap between prevention and response so that when you do have a problem, you can bounce back quickly and at lower cost.”

GO DEEPER: Learn what you need to know to build a zero-trust architecture.

Backups Are Critical to Cyber Resilience

One IT leader who knows what it’s like to bounce back after a hack is Marques Stewart, managing director of technology with Achievement First, a charter school management nonprofit that oversees about 40 institutions in New York, Connecticut and Rhode Island.

A few years ago, Achievement First’s systems were rendered mostly unusable by a successful cyberattack.

“Technically, we were down for about a week, but it took us about three to four weeks after that to get things running and recover,” Stewart recalls.

The experience led Stewart and his team to re-evaluate their approach to cybersecurity.

First, they got serious about a backup plan for their virtual machines, turning to a cloud-based storage system from Wasabi to safely guard their Veeam-facilitated backups.

LEARN MORE: Click the banner below to read the “2024 CDW Cybersecurity Report.”

Next, they adopted an endpoint detection and response solution to protect devices used by school leaders and administrators, and they deployed new network monitoring software that provides automatic alerts about suspicious activity.

Finally, Stewart notes, they turned their attention to prevention, implementing an identity and access management solution from Okta and improving cybersecurity training.

With its single-pane-of-glass management capabilities, the Okta platform makes it easy for IT to isolate a user’s account, and — if a compromise is suspected — contain the potential damage. It also protects school applications, requiring multifactor authentication at login.

“The biggest thing we’re trying to do is to be pre-emptive instead of reactive,” Stewart says. “Proactivity is the main focus of our cyber resiliency plan.”

EXPLORE: Identity and access management solutions protect endpoints.

Build Resiliency with Better Backups

At architecture and engineering firm SSOE, IT Manager Dominic Torres knows a thing or two about proactivity. In his company’s case, Torres says, the IT team looked to Veeam to improve data protection with encrypted and immutable backups.

Today, the company relies on the solution to back up close to 50 terabytes of data per week from hundreds of virtual and physical machines at its more than 20 offices across the globe. And like both Sabre and Achievement First, it has further fortified its cybersecurity strategy with protective business policies and controls and an employee training and awareness program.

Torres describes the new backup strategy as a significant advancement because it streamlines various processes and procedures that were previously tedious and time-consuming.

“Our previous solution required a ton of hours to maintain and support,” he says. The investment SSOE made was not insignificant, but “now we’re seeing substantial savings through improvements in efficiency and better use of our resources.”

$4.45 million

The global average cost of a data breach in 2023, up 15 percent since 2020

Source: Source: IBM, Cost of a Data Breach Report 2023, July 2023

When he considers what it means for SSOE to be cyber resilient, Torres notes that attackers are constantly evolving and updating their tactics.

“Cybersecurity as a whole is a moving target. With all of the new threats coming out on a daily basis, you have to be able to quickly adapt,” he says.

For SSOE, having a robust backup solution is essential to their security strategy. "With consistent and reliable backups, we're confident we can recover if an incident occurs," says Torres. Torres and his team understand that, despite their best efforts, dependable backups are vital for a comprehensive incident response plan. Effective recovery procedures are crucial to minimize impact and ensure a quick recovery.

kzlmax/Getty Image

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.