Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity & Business ResilienceGovernment: Federal, State and Local

White House cybersecurity vision emphasizes, simplifies resilience

By John Herrema
computer-code.jpg

Image via Unsplash

May 2, 2023

Most of professionals in the cybersecurity industry have read the new National Cybersecurity Strategy recently released by the Biden-Harris Administration. It marks another step the Executive branch has taken to ensure people, businesses and government remain secure in the global digital ecosystem.

The strategy is built on recognizable pillars that have long been part of cybersecurity strategies, including cyber defense, threat disruption, goal establishment and partnerships. It also introduces “resilience” as a new paradigm, signaling that this once abstract concept is now recognized as fundamental to ensuring a solid defensive and operational digital posture. 

Despite this validation, many will still recoil from the term, as overuse by security vendors has muddied its meaning. However, no security leaders can continue to view it through a skeptical lens. Now part of the government’s vision for the future of cybersecurity, a “resilience standard” will soon likely be both introduced and mandated.  

Resilience framework 

Within the context of the White House’s vision, defining and implementing resilience is straightforward. To state it simply, it means an organization can bounce back quickly from disruption to their digital operations. Practically, it can be described as a model that prepares people, identifies technologies, focuses on recovery and establishes partnerships to reduce the negative impact threats, complexity and vulnerable technologies have on public and private sector organizations. Within this simplified framework, any security and risk leader can direct investments that establish resilience factors across all four areas. To build resilience into the organization, start by taking basic steps:  

People

Through actions that are either malicious, negligent or ill-informed, almost all security and compliance incidents are driven by people. When investigations are complete, problems typically point back to someone who stole sensitive corporate data, accidentally clicked a malicious link, lost a device, hesitated to deploy a patch that may cause disruption, or could not tolerate a security-related delay to their line of business (LOB).  All these situations can be easily mitigated through resilient practices for managing people. 

Organizations can start by making certain they have strong zero trust and identity policies in place that restrict workers’ access to only the data and applications they need to do their jobs. 

Continue to train and test anyone who has access to your organization’s applications and data. Prepare them to not only recognize threatening occurrences but also make it easy for them to report them internally. 

Maintain a digital tether to all devices used to access your networks, software and information. Every year millions of endpoint devices go missing and unaccounted for — with an unbreakable connection, they can be controlled and protected no matter where they are.

Make sure that LOB leaders recognize that some delays are necessary to ensure that effective security can be maintained, and unnecessary risk can be avoided. 

Technology

This is an area where most security and risk professionals often become confused. Many solutions can legitimately claim to contribute to helping create a resilient environment, but seldom does anyone bother to investigate the level of robustness their deployed security and compliance technologies are able to maintain. Organizations may have EDR, EPP, ZTNA, UEM and other critical endpoint applications deployed. What good are they if they aren’t operating as expected? 

Absolute data, pulled from the millions of active endpoints using the platform, shows that most ISVs’ agents operate well below the level of efficacy needed to detect and defend against malicious and accidental threats. It is often assumed this is due to software flaws, which is sometimes true. 

Just as often though, agents don’t operate correctly due to other reasons. They can be turned off, hampered by technical complexity, impacted by malfunctioning configuration management and patching tools, or unable to compete for limited computing resources. 

To ensure that the most critical applications and devices run as needed, implement a tamper-proof layer that monitors and reports on application and device performance along with the ability to apply self-healing to both, should anything go wrong.

non resilient app health graph.jpgImage via Absolute Software 

Recovery

According to recent reports, organizations take between several days to just under a year in some cases to recover from a broad range of cyber incidents. It is important to remember that threats and attacks are not the only events that disrupt the normal course of business. Technical complexity also interferes with operations in the short and long term. This is a problem that has contributed to disruptions of varying lengths in data centers, clouds and on endpoints for decades. 

Such disruptions won’t end anytime soon. As the world continues to become increasingly digital and mobile, remote work will add challenges and uncontrollable variables. Both IT and security will have to deal with tech and factors that workers are increasingly reliant on for work, including device and network ownership, availability and performance of cellular networks and home and public WiFi. 

Without the ability to shorten the length of time it takes to “snap back,” there is no resiliency. In addition to deploying an acceptable amount of security, business, and management tools, be sure to invest in solutions that monitor and repair software and hardware in the face of disruptions driven by threats and complexity. In many cases, you may already be sitting on top of capabilities that can help you achieve this goal. Ask your existing vendors how they can help to keep your endpoint agents healthy, your network connections secure and optimized, and your cloud workloads available. You may uncover hidden capabilities you are already paying for.

Partners

Accountability is a key theme woven into the National Cybersecurity Strategy. The idea shifts much of the security burden away from victim organizations and onto solutions providers. However, no one should lose site of the fact that to build a more resilient future, everyone will have to assume a share of responsibility in creating better hardware and software that is easier to manage, increasingly interoperable, and more resistant to attacks, complexity, and tampering.

This doesn’t mean that providers must abandon their expertise and develop an entirely new product direction.

Take EDR for example. Over the past several years, it has risen to be a preferred first line of defense against malware attacks on endpoints. Like all cybersecurity technologies, it has evolved with the help of talent, innovations such as AI and machine learning, and experience. Suppliers will have to continually improve their own products with better code, patching, and new features to fight evolving threats. However, to maintain focus on their core competency, they can turn to partners better equipped to support resiliency across the unique environments and multiple OSs they deploy on. 

The Resilience Awakening

The White House isn’t the only entity waking up to the need to extend resilience across all levels of cybersecurity and IT. Security and risk professionals openly point out that between 5% and 25% of agents are degraded at any given time. Even news outlets are beginning to focus more time on it. 

No single member of the cybersecurity or IT vendor landscape can deliver resiliency as an off-the-shelf commodity. Vendors, enterprises, and governments will have to work together in partnership for any measurable and effective level to be reached. This new development out of DC and overall acknowledgement of resilience as critical to the future of business is an encouraging step in the right direction.  

KEYWORDS: cybersecurity guidelines global security strategy resiliency risk assessment White House cybersecurity zero trust

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

John herrema image

John Herrema is the Executive Vice President of Product & Strategy at Absolute Software.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • lightning and storm clouds

    White House announces climate resilience plans

    See More
  • White House

    Cyber Memo Warns of New Cybersecurity Risks to White House Network

    See More
  • white house behind trees

    White House announces cybersecurity implementation plan

    See More

Related Products

See More Products
  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

  • 9780367339456.jpg.jpg.jpg

    Cyber Strategy: Risk-Driven Security and Resiliency

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing