《思科(Cisco):构筑安全弹性:网络安全专家的经验和建议(英文版)(26页) .pdf》由会员分享,可在线阅读,更多相关《思科(Cisco):构筑安全弹性:网络安全专家的经验和建议(英文版)(26页) .pdf(26页珍藏版)》请在三个皮匠报告上搜索。
1、Click here or press enter for the accessibility optimised versionBuilding SecurityResilienceStories and Advice from Cybersecurity LeadersClick here or press enter for the accessibility optimised versionCybersecurityprofessionals havededicated theircareers to protectingorganizations andbuilding resil
2、ience.And today,that job is tougher than ever.Organizations are operating as integrated ecosystems with boundaries betweencorporations,customers,suppliers and partners all blurring.Were also adjusting toconstantly shifting work patterns,and hybrid work is here to stay.A focus on resilience has super
3、charged security concerns,raising difficult questions fortodays executives:When will threats hit us?Are we prepared to detect all of them?Where are we most exposed to risk?Can we mitigate effects quickly?How fast can we recover?Are we getting better?This e-book features stories and experiences of se
4、curity leaders from aroundthe world,who discuss how theyve integrated cyber resilience into theirorganizations.They also offer guidance on which practices have the greatest impact on anorganizations ability to adapt to change.Click here or press enter for the accessibility optimised versionWhat does
5、 securityresilience meanto you?For me,there are four key parts of what makesa company resilient.The most important thing isto invest in your people protect their mentalhealth,first and foremost.Security is an industrynotorious for people being overworked and burnedout.Make sure you have the right pe
6、ople in theright places.Invest in their training so they knowyour environment and technology and are ready torespond and protect it.The second important thing is to align yourbusiness continuity and disaster recovery(BCDR)plans with your incident response plan.Doing thiswill mean recovery plans for
7、your company aredriven by your critical business needs.Thisalignment should result in knowing where your keyassets are,what other systems they communicatewith,and how they operate in your network.The third strand is finding the easy wins whichprovide the maximum benefit for your organizationwhen bui
8、lding your cyber defense strategy.Theseare things like multi-factor authentication(MFA),VPN,logging your passive DNS,and havingresponse retainers in place all things that mostcompanies can put into place fairly easily.Another example would be to consider having adirect security role reporting to you
9、r CEO or boardand making sure that your board is educated onthe risks happening in the world in terms ofcybersecurity.Thats important not only becausetheyre funding your investments,but alsobecause they need to understand what the risksare to the company.The fourth and last part of the puzzle is to
10、knowyour external risks.What are your risks from thirdparties and the supply chain?Its also important tohave a situational awareness of the world.Eventsthat are happening in the news,while perhaps notdirectly cyber-related,will have an impact on whatyoure protecting against.Liz WaddellIncident Respo
11、nse Practice Lead,Cisco Talos|LinkedIn|TwitterClick here or press enter for the accessibility optimised versionWhat are some keyconsiderations tobuilding securityresilience in yourorganization?Resilience requires the ability to managechange in such a way that the operations ofthe organization can st
12、ill function.The changemay be positive,for example,a new partneracquisition,or negative,such as being the targetof a cyberattack.The starting point for security teams has alwaysbeen planning.Using a risk-based approachlooking at the threat,the vulnerability,theprobability,and the impact are all part
13、s of the fullrisk equation.To understand the risk,potentialscenarios are played out in the following way:Assume a threat exists,then assess the likelihoodthat it may affect us,and finally,examine how wecan block any vulnerability and reduce the impact.Continuity and recovery plans are built aroundth
14、ese scenarios.Increasingly,CISOs are looking at how they canmaintain a high level of continuity in the face ofother nonthreatening changes.Balancing risk withopportunity,control and adaptability,such asmanaging the secure deployment of an externalteam of consultants,or ensuring a new supplier canbe
15、linked in to care for systems without increasingexposure is all part of a resilience profile.To achieve this,CISOs are preparing by:1.Gaining support from leadership teamsacross their whole organization.This is not atechnology or security issue,but a businesschallenge.2.Developing board-level repres
16、entation tochampion resilience.3.Ensuring that processes are in place andpracticed by all stakeholders.4.Continuing to develop both general threatintelligence and specific industry threatintelligence.5.Introducing flexible technologies that provideclearer visibility across their assets and thecentra
17、lized ability to implement new policiesand controls.Richard ArchdeaconAdvisory CISO,Cisco Secure|LinkedInShare on TwitterShare on LinkedInShare on Facebook“The starting point for security teamshas always been planning.Using a risk-based approach looking at the threat,the vulnerability,the probabilit
18、y,and theimpact are all parts of the full riskequation.”Richard Archdeacon|Advisory CISO,Cisco SecureResilience is about taking a risk-basedapproach to what the business can tolerate.Together with the CIO,and/or the board,securityleaders as the subject matter experts shouldclearly steer and articula
19、te the risks;and what todo about them thus enabling the organization toweigh up the correct decision.If the cost of prevention is millions,but the totaldamage(if it happens),is only in the thousands,then that should be a factor in the decision and itwould not be incorrect to accept the risk.However,
20、its not just about finances its also aboutreputation,and the long-term effect that a databreach might cause.All things should beconsidered,then try to reach a decision aboutwhat you can tolerate(and what you cant tolerate)as an organization.Also,come up with a list of assets that youabsolutely cant
21、live without sometimes referred toas the crown jewels,as well as assets you can livewithout for a short period of time.And then layeryour security based on that based on the threatmodel.It is not always possible or feasible to havethe highest level of security on every single asset.No CISO has an in
22、finite budget or resources.Youcant do everything and protect everything.Andthats OK.You aim to protect what is mostimportant to you as an organization and anythingthat touches that.Using this approach you buildyour resilience and continue to do so proactively asquickly as you can.Goher MohammadHead
23、of InfoSec,L&Q Group|LinkedInShare on TwitterShare on LinkedInShare on Facebook“Its not just about finances its alsoabout reputation,and the long-termeffect that a data breach might cause.”Goher Mohammad|Head of InfoSec,L&Q GroupResilience means being able to manage thethreats that we face,and not i
24、mmediatelycrumbling when a threat succeeds in causingharm.Resilience is achieved through combiningprotection with incident response planning.The first step in becoming resilient is to be awareof threats that we face.You cant take steps toprotect yourself if you have no idea of the nature ofthese thr
25、eats.The foundation of successfulresilience comes from understanding the threatsand your own weaknesses.Armed with this knowledge,you can implementprotections to reduce the likelihood that threats willaffect you,and ensure that if a threat doessucceed,that the effects will be minimized.However,we mu
26、st accept that no protection canever provide complete coverage,nor can we fullyanticipate how threats may change and evolve.Hence,we need to prepare ourselves to respondswiftly and effectively when a threat impacts us.Making sure that our systems have no single pointsof failure helps ensure that ope
27、rations cancontinue even if one component has to be takenout of action due to a threat.Planning andrehearsing our responses to incidents allows us toremediate threats and restore normal function assoon as possible.Martin LeeEMEA Region Lead,Strategic Planning&Communications,Cisco Talos|LinkedInShare
28、 on TwitterShare on LinkedInShare on Facebook“The foundation of successfulresilience comes from understandingthe threats and your own weaknesses.”Martin Lee|EMEA Region Lead,Strategic Planning&Communications,Cisco TalosAs a security advisor,one thing I look at in order toevaluate resilience is where
29、 an organization standswith practices such as data classification,andidentity and access management.The overallholistic design of these areas needs to beexamined from a security perspective to see ifthey are sound.One of the most effective ways to achieveresilience in any organization is to take a t
30、eamapproach,even if it is an informal team acollaborative environment,rather than anestablished corporate grouping.This is important because a person is neveralone in this endeavor.For example,if I am working with developers,theyneed to be keenly aware that part of theresponsibility of developing an
31、 application is notjust functionality,but security-that is,making theapplication safe for our customers to do businesswith us.Making sure that the organization shares the visionand actions of good security requirements is whatwill propel resilience;and ensuring that penetrationtesting,code scanning
32、and data classification areall done at the appropriate time.What I love is seeing the ways that securityprofessionals are actually helping projects.Its adifferent aspect than how security was traditionallytreated.Communication with the securityprofessionals is helping the business to designsecurity
33、into the project at the start.And that buildsresilience by eliminating the scramble to boltsecurity on later,especially after an incident isdiscovered.Lidia GiulianoInformation Security Professional|LinkedIn|TwitterShare on TwitterShare on LinkedInShare on Facebook“One of the most effective ways toa
34、chieve resilience in any organization isto take a team approach,even if it is aninformal team a collaborativeenvironment,rather than an establishedcorporate grouping.”Lidia Giuliano|Information Security ProfessionalOne of the areas where its crucial toproactively invest time is in the ability to get
35、accurate and actionable threat intelligence inthe right context.This can be very difficultbecause there are many different vendors andtools available that deliver very detailed threatintelligence,but often what they fail to do is makethat information relevant and bring in a broadcontext.For example,
36、the current turmoil in theworld makes it important to anticipate cybercrimefrom a geopolitical standpoint.Being able to show context adds real value to thebusiness.If you can show executives how youaccount for the threats to your service delivery,operations and critical functions based on whatsgoing
37、 on in the real world,then they can see theimportance of what you are doing.That gives theleadership meaningful confidence that yourbusiness is in the resilient state.An important aspect of resilience comes withfocusing on activities that actually align with whatthe business does.Its all well and go
38、od to try toconduct exercises to test your resilience,but withthe new work models that have emerged in recentyears,the exercises outlined in a variety offrameworks may not be the most valuable thing tobe doing right now.A better approach may be to pay attention towhere others have fallen victim rece
39、ntly,and try tomake sure that the resilience activities youreundertaking are aligned to what is going on in thereal world,focusing on those things that are mostlikely to impact your industry,and specifically yourorganization.It gives you a real-world test ofresilience.James PackerHead of Information
40、 Security|LinkedInTo take that idea further,ransomware is veryprevalent,but how do you test resilience againstransomware?The value comes in by looking at theransomware types that most organizations arebeing hit by.Are those ransomware variantstargeting specific sectors and specificorganizations?How
41、does that then apply to you,and how can you model your resilience exercisesto answer those real-world scenarios using whathas happened to similar businesses?Too often,there is a very clear disconnect by thebusiness.With ransomware,you may be running aresilience exercise,and some of the businessteams
42、 may not have a technical understanding ofthe systems,what ransomware is,and its impact totheir workflow.But,when you show that a servicecan be rendered unavailable,or that data may bestolen and extorted,then the stakeholders that areinvolved in those resilience activities can get anaccurate view to
43、 understand how it wouldmaterially hurt the business.Alternatively,they may determine that certainfunctions can be halted for a short period withoutharm to the business.These types of resilienceactivities add a lot of value by building that clearconnection between the business and thetechnology.Shar
44、e on TwitterShare on LinkedInShare on Facebook“Its all well and good to try to conductexercises to test your resilience,butwith the new work models that haveemerged in recent years,the exercisesoutlined in a variety of frameworks maynot be the most valuable thing to bedoing right now.”James Packer|H
45、ead of Information SecurityJames Packer(Continued)Head of Information Security|LinkedInResilience is far bigger than just security,butof course,security is such a key part.Security islike the king piece on the resilience chessboard.Ifour processes topple over and never recover,thegame is over.And ye
46、t were surrounded by otherdisciplines,who have their own moves they needto make to protect the organization as a whole.Theres a lot to protect,and with limited moves,weneed to be very calculated.And thats why wereseeing a big move towards risk-based security.For example,I might have a server that do
47、esnthave critical information within it.But the serverhas a known vulnerability that needs to bepatched.Its a back-end server that we use forDevOps.You have the same server,with that samevulnerability,but its internet-facing,and it hascustomer data on it.Our risks are different,even though its the s
48、amevulnerability.The need to patch is a far biggerpriority for you.In a world where we can only do so much,weneed to focus on the things that matter.Addressthe critical issues first,and then make a plan toaddress the other vulnerabilities you might beexposed to.To do that,you need accurate,predictio
49、n-based threat intelligence,based on youruniqueness as an organization.This priority-basedresilience building will address a lot of securityoperational issues that weve seen in the past.Corien VermaakCybersecurity Architect,APJC Region Center of Excellence,CiscoLinkedIn|TwitterShare on TwitterShare
50、on LinkedInShare on Facebook“In a world where we can only do somuch.Address the critical issues first,and then make a plan to address theother vulnerabilities you might beexposed to.”Corien Vermaak|Cybersecurity Architect,APJC RegionCenter of Excellence,CiscoClick here or press enter for the accessi
51、bility optimised versionMotor Oil Groups6 pillars to securityresilience successChristos SyngelakisCISO and Data Privacy Officer,Motor Oil Group|LinkedInMotor Oil Group is an oil refinery company with 50 yearsof history,and subsidiaries operating in the oil retail andrenewable energy sectors in the c
52、ountries of southeasternEurope.In an organization with such a diverse infrastructureand business,when it came to cyber resilience,the biggestchallenges to address were legacy systems and mindset.As our board has been heavily investing in digitaltransformation over the past five years,the security go
53、alswere production resilience,and the minimization of brandimpact and exposure in case of a technological incident.It ispart of critical national infrastructure,and any interruption canhave broad consequences.Share on TwitterShare on LinkedInShare on Facebook“Moving towards strategic partnerships wi
54、th vendors simplifiesour complexity and maximizes the return on investment fromevery solution.As an example,a cloud service provider is ourpartner,ensuring scalability and future-proofing furtherexpansion to the cloud.”Christos Syngelakis|CISO and Data Privacy Officer,Motor Oil Group1.Leadership buy
55、-in The CISO reports to the organizations CEO.Businessgoals and objectives are aligned with cybersecurity plans to ensuremaximum return on investment and effectiveness2.Recognize the problem area It all starts with recognizing where yourweaknesses are.Self-awareness is important in critical infrastr
56、ucture such asoil refineries.Knowing ourselves and our strengths and weaknesses hashelped us to be five years ahead of the competition and demonstrate fiveyears of efforts and progress in changing the corporate mindset.3.Invest in humans Humans are the most important part of the change.4.Converge in
57、formation security with operational technology Havethese two domains listen to and respect each other.They are both workingfor the same common goal,therefore,it is important to speak the samelanguage.5.Implement“security by design”Protect digital transformation initiativesand migration to the cloud.
58、For example,data analytics for predictivemaintenance is now done in the cloud,which could expose very criticalsystems to various threats and vulnerabilities.The goal is to build a securityperimeter in a perimeterless world without imposing any overhead,andwithout any false positives.In our industry,
59、false positives are equal todanger.6.Identity management Use multi-factor authentication as the preferredchoice whenever it can be integrated with our systems.The following are the pillars of Motor Oils security strategyto proactively anticipate threats,build cybersecurityresilience,and effectively
60、support the business:I want to end by acknowledging that one of the biggestchallenges for CISOs is burnout.In an always-on environmentwhere there is always something new to learn,as well as atremendous expansion of technology and requests for newprojects,the challenge of finding balance is one of th
61、e topissues.This brings me back to point three above invest inyour people and prioritize their mental health.Click here or press enter for the accessibility optimised versionHow can securityresilience proactivelyenableorganizations?First and foremost,people and relationshipsare key to information sh
62、aring when it comesto anticipating threats to operational resilience.Other groups in the organization know their areasbetter than my team ever will.They also know what the business impact will be.Labeling“happy path”thinking has been veryhelpful to get the team to step back and considerwhat doomsday
63、 scenarios would wreck their plansand make it impossible for them to operate.We established standard design patterns and teamnorms to mitigate those doomsday scenarios.Design patterns can be in the form of standardizedtechnical architectures,requirements or operationalprocesses.Team norms are usuall
64、y in the form ofcross training,established roles,modes ofcommunication and escalations.The biggest benefit from our proactive approachwas realized in March of 2020,when the companywas forced to go fully remote,indefinitely,on shortnotice.In 2019,due to conversations with otherteams across the organi
65、zation,we had realizedthat we had four big problems with our ITinfrastructure that would severely limit ourresilience.1.Many critical business processes dependedon IT infrastructure that was housed at theoffice where we lacked power,internet andcooling redundancy.2.Managing the IT infrastructure,esp
66、ecially thecorporate telephone system,requiredspecialized skills that we didnt have internally.We were heavily reliant on external resources tohelp us manage the equipment;and in theevent of a problem,we were unsure howquickly we would be able to restore service.3.We didnt have the team necessary to
67、 monitorand secure our internal IT systems sufficiently,and the managed service provider was not upto the task.4.Remote access provided poor experience forcustomer-facing phone calls.To address the risk of extended outages and theneed for a better remote work experience,wemade the decision to migrat
68、e all our internal ITinfrastructure to cloud-based services.When theshift to full-time remote work happened,wewerent caught unprepared.“Accidental CISO”TwitterFrom my years in the medical sector,Iwitnessed how security resilience can enablean organization.In particular,when my team hadto deal with a
69、 very sophisticated malware strainthat was designed to target a specific brand ofwidely used intensive care units(ICUs).ICU medical devices(ICUMDs)are used to closelymonitor,stabilize,and treat ICU patients who areoften unconscious and rely almost solely on thesedevices to survive,and the malware af
70、fected thesyringe pump(used to administer a specificquantity of medicine)and the pump monitoringfunctionality that could result in threat of life.When we assessed these devices,we identifiedboth current security weaknesses and futurethreats.It became clear to us that we needed tohandle key areas lik
71、e software updates,patchingand access with a very different approach thanwith other IT-related devices.We implemented avery refined process across the Identify,Detect,and Response phases of our security resiliencestrategy.In doing so,we identified the malware in anisolated testing environment.It was
72、 revealed thatthe malware was introduced through acompromised patch that was released by thevendor.At that time,no endpoint protectionsoftware was able to detect this malware,and if wefollowed the typical security processes,we wouldhave placed the lives of hundreds of patients indanger.No one ever t
73、hought that someone woulddesign something so malicious that could causethe loss of life.For many security professionals who work on thefront lines,security resilience indicates the ability ofan organization to adapt to known and unknownthreats.Nonstop business transformation at thetime of a crisis i
74、s a key strategy for buildingenterprise resilience.Christos SarrisLead Information Security Analyst,Sainsburys|LinkedInShare on TwitterShare on LinkedInShare on Facebook“For many security professionals whowork on the front lines,securityresilience indicates the ability of anorganization to adapt to
75、known andunknown threats.”Christos Sarris|Lead Information Security Analyst,SainsburysProcuring solutions is just one part of thetrilogy of People,Process,and Technology.Having staff to support the solutions is just ascritical.Often,organizations fail to keep theircybersecurity staff because they ha
76、ve no currentsalary data,and have no way to understand theexponential growth of those individuals in the fieldand their market value.There needs to be a closerrelationship between cybersecurity,finance,andHR in order to build and support security programs.In a prior role,implementing a flexible,modu
77、larGRC was the most impactful solution.However,what made it effective towards gaining interestfrom multiple departments was the ability to becross-functional,covering vendor management,vendor risk management,policy management andIT risk management.It provided a centralizedsolution for risk managemen
78、t,but also provided arepository for the enterprise policies.In providing a vendor management solution,it alsoprovided a vendor risk management solution wherecritical vendors could be risk-ranked.Risk profilesfor individual vendors could then be determined,aswell as the overall third-party risk profi
79、le.The cost/benefit of such a solution is easily justified whenreviewing the manual processes included in eachof the use cases.The GRC solution started off with one module and,over time,expanded to four modules with otherdepartments seeking access in order to centralizetheir documentation or to use
80、it for their coreprocesses.Nigel SampsonHead of Cybersecurity,International Data Group(IDG)|LinkedInShare on TwitterShare on LinkedInShare on Facebook“There needs to be a closerrelationship between cybersecurity,finance,and HR in order to build andsupport security programs.”Nigel Sampson|Head of Cyb
81、ersecurity,InternationalData Group(IDG)A couple of years ago,I worked with a retailcompany that had huge risks with their third-party supply chain.Supply chain attacks havebeen a popular method of attack recently.However,this is not a new phenomenon,and I wascalled to help that company after it had
82、quite a bigdata breach.The breach was not a result of theirown defenses,but a weakness in one of theirprimary suppliers.I led a third-party supplier review,assessing areassuch as who were their critical suppliers(they hadabout 200 suppliers).Then,we needed to examinewhich ones they were exchanging p
83、ersonal andconfidential data with.We then proceeded to breakall the suppliers into tiers,based on theclassification of information.We then audited all the tier-one suppliers.The waythat helped the client was that it gave them a truerunderstanding of which of their suppliers wererisky.As a result,we
84、saw a marked improvement inthe way that the company chose their suppliers.Itwasnt just based on the quality of goods;it wasbased on security principles as well.Another important piece of resilience is the abilityto not only identify when something isnt quiteright,but also do it quickly.These are con
85、ceptsknown as mean time to detect(MTTD),and meantime to respond(MTTR).Threats exist and incidents happen.Resilience isachieved when both the likelihood of an incidentoccurring is reduced,and the impact caused isminimized.Haroon MalikSecurity Consulting,Director,NTT Data|LinkedInShare on TwitterShare
86、 on LinkedInShare on Facebook“Threats exist and incidents happen.Resilience is achieved when both thelikelihood of an incident occurring isreduced,and the impact caused isminimized.”Haroon Malik|Security Consulting,Director,NTT DataWorking in the cyber threat intelligence(CTI)industry in the UK is a
87、lways going to require anelevated alert level.Fortunately,we havearchitected our infrastructure in such a fashion asto reduce the attack surface and exposure ofvulnerable services.This commitment to“best practice”architecturealso provides a comfortable degree of resilience.For us,its all about havin
88、g knowledgeabledevelopers who pride themselves on the creationof secure code and ensuring its properly deployedwith rigorous adherence to ISO 27001 compliance.As a nearly virtual company,our data and email areall contained within Software-as-a-Service(SaaS)clouds for the ultimate in accessibility an
89、d dataprotection provided by those top-tier providers.Working in the CTI world,everyone in the companyis acutely aware of the threats that all organizationsface,including our own.We have a chief compliance officer who workswith us,and all layers of the company work againstthreat actors in the physic
90、al and virtual world on adaily basis.This promotes a strong security culture,as well as effective resilience.Ian Thornton-TrumpChief Information Security Officer,Cyjax Limited|LinkedIn|TwitterShare on TwitterShare on LinkedInShare on Facebook“For us,its all about havingknowledgeable developers who p
91、ridethemselves on the creation of securecode and ensuring its properlydeployed with rigorous adherence toISO 27001 compliance.”Ian Thornton-Trump|Chief Information Security Officer,Cyjax LimitedOne example of building resilience is from mydays as Ciscos first chief privacy officer.Whenit came time t
92、o draw up contracts,we measured apattern of distrust and confusion when customerswanted to buy collaboration or other privacysensitive products.Long negotiations coveredbasic questions such as“Where is data stored?”and“Who manages the sign-on data about ouremployees and customers?”I was at the Londo
93、n Transport Museum exhibitwhen the solution hit me:the simplicity of themaps to the London Underground was perfect!What if we could show customers what data was inquestion,and where and for how long,in a simpleto digest infographic?Thats what we created and published in the CiscoTrust Center,and the
94、 results were immediate,measurable and lasting.When people can visualizesystemic,complex issues,they can plan,commitand build together.My current company is PrivacyCode,Inc.Weprovide a platform that allows stakeholders whomust create and enforce complex legal and policyrequirements to effectively tr
95、anslate them intoconsumable,measurable and action-oriented tasksfor technical teams.In a world with constant change and growingcomplexity,clearly communicated and granular-level leadership creates and reinforces resilience.Iam always seeking simple and easy-to-engagesteps to solve monumental challen
96、ges.Michelle DennedyCEO,PrivacyCode,Inc.|LinkedIn|TwitterShare on TwitterShare on LinkedInShare on Facebook“In a world with constant change andgrowing complexity,clearlycommunicated and granular-levelleadership creates and reinforcesresilience.”Michelle Dennedy|CEO,PrivacyCode,Inc.Click here or pres
97、s enter for the accessibility optimised versionAdditional resourcesAs our experts have stressed,when everything is open andconnected,security resilience requires more than what pastapproaches have offered.The old methodology of siloed security,which was focused ontreating all threats equally,is maki
98、ng way for a new form ofsecurity resilience:the drive towards adaptability and constantverification while always considering the context.Another common theme amongst our contributors is that humansare absolutely key to building resilience.Protecting their mentalhealth,and reducing the risk of burnou
99、t,is more important thanever.For expert tips and resources on this topic,read our e-book:Creating Safe Spaces:Leaders and Practitioners on MentalHealth and Avoiding Burnout.Share on TwitterShare on LinkedInShare on Facebook“You aim to protect what is most important to you as anorganization and anyth
100、ing that touches that.Using thisapproach you build your resilience and continue to do soproactively as quickly as you can.”Goher Mohammad|Head of InfoSec,L&Q GroupLearn how you can empower your business to withstandtodays unpredictable threats and emerge strongertomorrow.Visit: here or press enter for the accessibility optimised versionThank you for readingBuilding SecurityResilienceStories and Advice from Cybersecurity LeadersCookiesTermsPrivacy 1 2 Contacts|Help|Terms&Conditions|Privacy Statement|Cookie Policy|Trademarks