Denis Villeneuve
Cybersecurity and Resilience Practice Leader & Co-Chair of the Indigenous Working Group, Kyndryl Canada
As AI-driven cyber threats become more advanced, building robust recovery strategies and reinforcing cyber resilience are essential for organizational survival.
It’s no secret that cyberattacks are a major threat to organizations in all industries. Despite widespread warnings of malicious activity and the potential for financial and reputational ruin they can cause, many organizations are far less equipped to deal with an attack than they realize.
Imagine receiving an email or SMS from your CEO urgently requesting money be sent to pay a supplier, only to find out that it was a scammer after you put the payment through. Or imagine a cybercriminal using stolen login credentials to access your company’s internal systems, making it nearly impossible to tell the difference between the legitimate user and the fraudster.
Today, cyber threats such as ransomware, phishing, deepfakes and supply-chain attacks are more sophisticated, thanks to new technologies. More and more, cybercriminals are using generative AI for multi-vector attacks, going after a network or target on several fronts, sometimes in phases.
Denis Villeneuve is the Cybersecurity and Resilience Practice Leader at Kyndryl Canada, as well as the co-chair of the company’s Indigenous Working Group. He says cyber threats have always evolved to utilize the latest technological advancements. But generative AI’s unprecedented ability to streamline and speed up malicious activity has created the need for more robust protective measures.
The good news is that AI is not just for the bad actors. AI is being leveraged to create holistic cyber defenses and recovery plans. “I used to say early on, ‘automate the known threats so you can orchestrate the unknown threats’,” says Villeneuve. “We’re getting to the point where we’re automating the known threats and also automating the orchestration of unknown threats.” He points to tabletop exercises that can be performed using a digital twin of the network under various forms of attack to demonstrate how an organization’s environment will react.
Moving beyond hypotheticals on paper to this level of detail in an exercise also helps highlight where aspects of cyber resilience may need to be shored up. Organizations will often invest in preventative pre-breach “left of boom” cybersecurity measures, and less so in “right of boom” post-breach recovery. “Being able to be more resilient is actually putting in the plans and updating the plans for recoverability,” says Villeneuve.
A key part of the plan should include evaluating each layer of your network. Take, for example, a bus scheduling tool designed to help passengers plan their trip from point A to point B. If it’s built on an old booking system housed in a dusty closet somewhere, the entire application could collapse if that one system goes down. Moving a program to the cloud to improve resilience is only useful if each underlying hook meets the same level of resilience.
In the race to the cloud following the pandemic, some recovery and resilience plans were set aside. “Organizations are only starting to catch up on dusting off their resilience strategy,” says Villeneuve. Backup and recovery strategies need to be updated for the new hybrid world and the hybrid estate. He stresses how important it is to “have an understanding of minimum viable company/organization/government in order to put the right resilience into your applications and infrastructure to be able to respond accordingly or recover accordingly.”
A cyber resilience plan needs to combine cybersecurity, business continuity, and disaster recovery. Working with a company that bakes security and cyber resilience into systems and infrastructure is integral to maintaining a healthy digital environment. Kyndryl understands the complicated global system of compliance and risk management and recovery because they are there, on the ground, with 80,000 employees worldwide managing some of the top mission-critical workloads.
As part of this, Kyndryl has a global network of Security Operations Centres, including one in Canada, that offer comprehensive support and advanced protection capabilities for the entire cyber threat lifecycle. Using artificial intelligence, specifically machine learning and integrated automation systems, they help businesses anticipate, protect, withstand, and recover from attacks.