Cyberresilience: Moving Beyond Cybersecurity
By Karen E Lewis / November 2, 2020
A successful resilience strategy stems from well-defined requirements for high availability, continuous operations and continuous availability
Rebecca Gott, IBM Distinguished Engineer, IBM Z and LinuxONE, Image by Matt Carr
In an always-on world, downtime is expensive. Information Technology Intelligence Consulting (ITIC) estimates that 40% of businesses lose between $1 million to over $5 million per hour.1 Achieving zero downtime can be challenging; being always-on is under constant threat from external and internal risks. Externally, natural disasters and cyberincidents serve as dangerous disruptors. Internally, maintenance windows are shrinking, and inadvertent security breaches and insider threats also affect enterprise resilience. Avoiding downtime can even be a deterrent to critical disaster recovery testing; shutting down and restoring systems takes too long.
The Journey to Cyberresilience
Michael Jordan, IBM Distinguished Engineer, IBM Z® Security, defines cyberresilience as “an organization’s ability to continuously deliver their intended outcome, despite any cyberevents.” Although cybersecurity and cyberresilience are linked, they’re distinct: “Security focuses on information technology and controls around technology to protect data and systems; cyberresilience takes a broader view, although security is very much a part of it,” he adds. Cyberresilience assumes intrusions may, in fact, get into your system, and a cyberresilient infrastructure helps you recover faster.
“For many clients, cyberresilience is a journey from initially reducing unplanned outages, to minimizing planned outage windows, and eventually, moving to an always-on environment,” suggests Rebecca Gott, IBM Distinguished Engineer for IBM Z and IBM LinuxONE™. Gott believes the cornerstones of a successful resiliency strategy stem from well-defined requirements for high availability, continuous operations and continuous availability.
The most basic resilience level, high availability, reflects an organization’s ability to provide service during defined periods at acceptable or agreed levels. At this level, organizations mask unplanned outages from end users. High availability characteristics include fault tolerance, automated failure detection, recovery, bypass, reconfiguration, testing, and problem and change management. Establishing well-defined requirements for high availability enables reliability and can help reduce the risk of component failures.
The next level, continuous operations, indicates an organization has introduced measures to enable critical systems and processes to operate throughout unplanned and planned outages continuously. Resilience attributes include nondisruptive hardware and software changes, nondisruptive configuration and software co-existence. Continuous operations can help reduce the risk and impact of service outages.
The third stage of the journey to cyberresilience is continuous availability. Organizations requiring continuous availability need to deliver nondisruptive service to the end user, 24-7, 365 days a year, with zero tolerance for planned or unplanned outages. Continuous availability includes all of the characteristics of high availability plus continuous operations; it’s of the utmost importance in cyberresilience. With continuous availability, organizations can recover and restore services very quickly.
“Only IBM delivers unique multilayered mainframe storage solutions deeply integrated with end-to-end cyberresilience and massive scalability for IBM Z environments.”
Cyberresilience in a Hybrid Multicloud Environment
Disruptive cyberevents caused by malicious external sources, insider abuse, vulnerabilities, glitches and human error happen, despite the best-laid plans. When an event occurs, a cyberresilient system tries to contain an attack and then prevent its impact from cascading into broader failures.
Continuously delivering outcomes through cyberevents poses new challenges in hybrid multicloud environments. Hybrid multicloud environments include a mix of on-premise and cloud-based applications, platforms and data stores. These data, applications and platforms are connected through layers of supply chain and ecosystems, and the data is accessed and shared across these layers.
“Complexity increases dramatically in a hybrid multicloud environment,” notes Jordan. “First, instead of an application or system residing within an enterprise, organizations run parts of that application on-premise and in the cloud, making the attack surface considerably larger. Second, organizations need to ensure their data can be securely consumed in these different places. Finally, the introduction of a shared security model throws up many gray areas.”
In a shared security model, a cloud consumer is responsible for some aspects of security, and the cloud service provider for others. “As a cloud consumer, it can be difficult to tell where your responsibility begins and ends; you don’t want to take for granted that security is being provided,” Jordan adds.
Achieving cyberresilience requires capabilities that span cybersecurity, continuous availability, business continuity and the recovery of enterprise data and applications to ensure they function before, during and after any cyberincidents, outages, and planned and unplanned downtime.
“Taking a multidimensional approach, employing methods of keeping data confidential, preserving the integrity of data and systems, and ensuring the availability of core systems and data will help reduce the impact of unexpected downtime,” explains Gott. In an always-on world, fundamental tenets in a cyberresilient strategy are confidentiality, integrity and availability: C-I-A.
C: Keep data CONFIDENTIAL
Perpetrators of cyberattacks can be internal and external. Stealing, ransoming and destroying data is a risk to organizations of any size. A bad actor with insider knowledge and elevated system access can be more dangerous than a malware infection.
Human error happens, too; poorly administered systems and improper security settings create vulnerabilities. A recent Ponemon Institute report found inadvertent breaches from human error and system glitches were the root cause for nearly half of the data breaches studied.2
Pervasive encryption helps protect data on-premise and in public clouds. In addition to the hardware, IBM Z offers features for access control and role-based security controls that allow organizations to control resources consistently, according to policies across the entire software stack.
“In addition to pervasive encryption and software for access control and role-based security controls, multifactor authentication on IBM Z is available to provide alternate authentication mechanisms in place of standard passwords to strengthen authentication services further. These capabilities can safeguard against human error and insider threats,” says Gott.
IBM Data Privacy Passports provide end-to-end data-level protection and privacy, enabling organizations to encrypt eligible data, grant and revoke access to that data, and maintain control of that data, even as it moves off the system of record. Organizations can use these capabilities to protect data in hybrid multicloud environments.
“Data Privacy Passports give organizations the ability to protect that data, allowing them to revoke access to that data even after leaving the enterprise. Access to that data is protected while it’s in transit; then at rest, even at another site,” explains Gott.
Organizations face increasing regulation levels on protecting users’ data. Operational assurances from cloud vendors are no longer enough to satisfy compliance mandates. An organization’s most sensitive data should be obscured and encrypted on-premise, at the endpoint and in transit, especially in the cloud. “More administrators and pipes mean greater risk factors within those cloud environments. What if one of those cloud service provider administrators misuses their authority?” notes Jordan.
IBM’s Hyper Protect solutions offer clients turnkey security, out of the box, with full pervasive encryption to protect data integrity and confidentiality while at rest, in flight or in use. Using IBM’s Hyper Protect Services, both in the IBM Cloud® and on-premise, the data user has sole access and authority over that data and code. As a result, unauthorized access by anyone, even someone with elevated system credentials, is impossible.
“Hyper Protect offerings ensure mission-critical workloads have a high level of resilience and data protection by leveraging a highly available clustered configuration across multizone regions within the IBM Cloud,” adds Gott.
I: Preserve system and data INTEGRITY
The instant an enterprise’s entire site goes down, protecting data integrity is essential. IBM Z solutions are designed to allow clients to achieve seven 9s of uptime for continuous availability.3 Some of the capabilities inherent in the hardware include RAS capabilities and Parallel Sysplex® for IBM Z and IBM z/OS® capabilities.
Crypto coprocessors in the IBM z15™ chip accelerate encryption and cryptographic functions. The Crypto Express adapter is designed to meet the FIPS 140-2 Level 4 certification’s more stringent security requirements. FIPS 140-2 Level 4 underpins IBM’s Hyper Protect Crypto Services in the IBM Cloud; it’s the service that allows clients to maintain full authority over their private encryption materials.
IBM Secure Execution is designed to isolate workloads at granularity to protect them from internal and external threats. Secure Execution differs from other types of data protection in that it protects data while it’s in use.
A: Ensure continuous AVAILABILITY
Onsite or offsite, hybrid cloud-based data protection can help maintain business operations and minimize cyberevent impact. IBM GDPS® forms the pillar of many IBM client strategies. GDPS is a collection of system recovery options which uses various services, including clustering technologies, replication and automation.
System Recovery Boost diminishes the impact of downtime, planned or unplanned, allowing you to optimize your planned maintenance strategy and accelerate execution of disaster recovery testing and site switches.
“System Recovery Boost supports a new class of boost that can be applied to a range of Sysplex recovery processes to minimize disruption and maximize Sysplex resiliency,” notes Gott. “Enhanced recovery allows organizations to accelerate service restoration or recovery after planned or unplanned events by providing additional processing capacity and parallelism for general-purpose work in boosting images, and optionally by applying a new type of temporary capacity, System Recovery Boost Upgrade.” System Recovery Boost can help companies precisely apply capacity on demand after a planned or unplanned downtime event to accelerate service restoration.
Encryption technology helps protect data from being stolen, but it can’t prevent data from getting destroyed. Additional capabilities enable enterprises to take the next step to be fully prepared for disaster recovery.
“Isolating data and systems from production and backing them up can mitigate the impact of attacks on data integrity and improve recovery capabilities. Only IBM delivers unique multilayered mainframe storage solutions deeply integrated with end-to-end cyberresilience and massive scalability for IBM Z environments,” says Jordan.
IBM DS8900F storage systems add the next-level performance, data protection, availability and resilience for mission-critical IBM Z and IBM LinuxONE storage workloads across hybrid multicloud deployments. DS8900F has ultra-low latency and transparent cloud tiering, offering clients better than seven 9s of availability and protection against malware and ransomware. Both disk storage and IBM TS7700, a virtual tape-based data storage solution, allow organizations to make protected copies at regular intervals; copies can be restored to the production environment or copied to a recovery system. Together, these storage solutions provide multilayered and deeply integrated end-to-end cyberresilience to defend against malware, especially malware impacted recovery data.4
Secure, Resilient, Always On
IBM offers clients a fully integrated suite of security and resilience capabilities. From surviving new threats and attacks to meeting regulation and compliance mandate changes, IBM Z and IBM LinuxONE platforms provide cloud-native experience, encryption everywhere, cyberresilience, always-on availability, and flexible deployment for organizations of any size.
The high availability and disaster recovery capabilities with IBM Z and IBM LinuxONE protect organizations by minimizing vulnerability areas, minimizing the impact of both planned and unplanned downtime, preserving data integrity and ensuring compliance with industry privacy regulations.
 IBM Security and Ponemon Institute, “The Cost of a Data Breach,” 2019
 Disclaimer: Internal data based on measurements and projections was used in calculating the expected value. IBM z15 servers must be configured in a Parallel Sysplex using IBM z/OS 2.3 or above; GDPS management of data and middleware recovery across Metro distance systems and storage, including GDPS Metro Multi-site Workload and GDPS Continuous Availability; and DS888X with IBM HyperSwap®. Necessary resiliency technology must be enabled, such as System Managed CF Structure Duplexing, Sysplex failure management and Capacity Provisioning Manager. Other configurations may provide different availability characteristics.
 IBM storage solutions for IBM Z and LinuxONE, ibm.co/3kRhEnF
z/OS / Linux on IBM Z / z/VM / z/VSE / Article / Cloud / Security / Systems management / Data management / Cloud strategy / Hybrid cloud / IBM Z / Data security / LinuxONE / High availability
Karen E. Lewis is a global market segment manager with the IBM Systems and Technology Group. She has more than 20 years experience.
See more by Karen E Lewis