Quick Tips On Security Resilience
The security resilience concept is a recommendation by NIST. Unlike a defensive security approach (which is about prevention), security resilience focuses on "after breach" activities. The basic assumption is that it is not "if" your network be attacked but "when". To that end, your architecture should have the capability to understand that a breach has occurred and begin remediating the damage incurred.
The reason for focusing on this strategy is simple—you want to reduce costs. These activities, if done right, will help you reduce the costs of a breach either directly by limiting the data stolen, or by decreasing the financial amount of each fine incurred, and in turn, minimizing bad publicity.
This application note provides some quick tips to show you how the following issues can be reduced:
- Threat discovery time
- Company risk
- Component recovery and validation time