The growing sophistication of attacks means traditional cyber security will no longer suffice — particularly for the UK’s housing associations. Sharing why an active, proactive strategy beats reactive every time, John Blackburn, operations director at Central, explores the holy grail of cyber crisis simulation
Firewalls and encryptions were once the epitome of cyber security resilience. But the growing sophistication of attacks means traditional methods will no longer suffice — particularly for the UK’s housing associations, which are responsible for an ever-increasing volume of sensitive tenant data.
Sharing why an active, proactive strategy beats reactive every time, our operations director John Blackburn explores the holy grail of cyber crisis simulation.
There are a number of pressures adding to housing associations’ plates right now. Plates that are already spinning at 100 miles per hour.
“In transforming cybersecurity from a passive, reactive discipline into an active, proactive strategy, housing associations can ensure the safety and security of their tenants, while upholding their reputation as trusted community pillars”
As well as resourcing constraints and stretched budgets, to name just a few challenges, organisations are plagued by the possibility of falling victim to a cybersecurity breach. Not only more frequent than ever, these threats are becoming more nuanced too.
And the sector’s close proximity to government and public sector organisations makes them an even more attractive target too. So what can be done to mitigate the risks?
Today, it’s all about delving deeper than defence. Unless you’re a seasoned cybersecurity professional, working closely with variations of attacks on a daily basis, getting ahead of the curve and knowing which systems threat actors will target next can be difficult.
And with human error posting more risk than ever right now, factors beyond technical vulnerabilities should play a key role in boosting resilience. According to researchers from Stanford University and cybersecurity firm Tessian, approximately 88% of all data breaches occur at the hands of an employee mistake.
What is cyber crisis simulation and how can it help?
Proactive penetration testing methods certainly have their place — pinpointing weaknesses in a company’s IT estate that could be exploited elsewhere. But they not only fail to account for human error, they also only provide a snapshot of cybersecurity defences at the exact time the exercise was conducted.
Here’s why cyber crisis simulation is better:
- By mimicking the high-pressure scenarios that unfold during a cybersecurity attack or data breach, cyber crisis simulation gears teams up with the insight, experience, and confidence to tackle a real threat head-on. It’s not about policing employees, but empowering them
- It’s truly adaptable. Housing associations can tailor these methods to suit their unique applications and potential threats, and assess their readiness to respond to specific, high-risk situations
- Teams can subsequently evaluate their performance, identify weaknesses, and refine their response plans accordingly. Implementing this feedback loop is essential in helping firms continually improve their cybersecurity posture as circumstances change, and better equipping them to protect their digital assets
- In transforming cybersecurity from a passive, reactive discipline into an active, proactive strategy, housing associations can ensure the safety and security of their tenants, while upholding their reputation as trusted community pillars
Central Networks and Technologies is a Housing Digital Stakeholder that offers a range of IT support to those in the social housing sector.
Keen to simulate a cyberattack of your own? Get in touch, and we’ll help you formulate a robust strategy.
Image: Thapana_Studio/Shutterstock
Read next: Central: How housing associations can navigate a seamless PSTN transition
Are you a social housing professional? Sign up for a FREE MEMBERSHIP to upload news stories, post job vacancies, and connect with colleagues on our secure social feed.