All news with #resilience tag

🚦 Amazon Application Recovery Controller (ARC) Region Switch adds a Lambda event source mapping execution block to automate coordinated failover of event-driven streams across Regions. The block enables or disables Lambda event source mappings for Kinesis, DynamoDB Streams, MSK, and SQS to prevent duplicate processing. Customers can chain a disable block before an enable block, or run plans in ungraceful mode for impaired Regions. Native cross-account support lets a single plan span multiple AWS accounts.

📈The UK cybersecurity sector generated £14.7bn in revenue last year and contributed £9.1bn in gross value added, the government reported on 13 May. Employment rose to nearly 70,000 and the number of firms climbed to 2,603, with AI-focused cybersecurity vendors growing sharply. The government unveiled the Cyber Resilience Pledge and plans legislation via the Cyber Security and Resilience Bill to tighten standards. Experts warn that advances in AI increase risks and call for stronger, harmonized incident reporting and defences.

🚀 Scheduled scaling is now available for AWS Lambda Managed Instances, using Amazon EventBridge Scheduler to set one-time or recurring adjustments to function capacity limits. This lets you proactively raise capacity before expected peaks and lower it (including to zero) during idle periods to balance performance and cost. Schedules can be created via the EventBridge Scheduler console, AWS CLI, AWS SDKs, AWS CDK, or AWS CloudFormation and are available in all Regions that support Lambda Managed Instances.

🔁 Amazon EKS now supports Amazon Application Recovery Controller (ARC) zonal shift and zonal autoshift when using the open-source Karpenter for compute provisioning. ARC automates redirecting in-cluster network traffic away from an impaired AZ and can perform practice runs to validate cluster behavior. During a zonal shift, Karpenter stops provisioning in the impacted AZ, halts voluntary disruptions there, and avoids scheduling actions that depend on that zone. Enable support by setting ENABLE_ZONAL_SHIFT.

🔒 CISA has launched CI Fortify, urging water, energy, transportation and communications operators to plan to disconnect from third-party networks and maintain essential services if targeted by cyber-attacks. The guidance sets two core objectives: isolation — proactively segmenting OT from business and upstream networks to keep services running in degraded communications — and recovery — documenting systems, backing up critical files and rehearsing component replacement or manual operation. Operators are advised to identify critical customers, set service targets, update continuity plans for prolonged isolation, and share the guidance with vendors, integrators and managed service providers.

🔒 Organizations have long focused on cyber defenses against breaches and ransomware, but new geopolitical tensions show major disruptions can originate in the physical world and target cloud and network infrastructure. As cloud systems become integral to national economies, the network itself becomes an attack surface requiring resilient-by-design architecture. Enterprises must embrace operational resilience, redundancy, and distributed controls to mitigate physical and systemic risks.

🔒 CISA has launched the CI Fortify initiative to help critical infrastructure operators prepare to operate in isolation from the internet and third-party services during major cyber incidents. The program focuses on controlled isolation—distinct from traditional air-gapping—combined with local manual operations and rapid restoration. CISA will provide targeted assessments, guidance, and exercises during a pilot phase while urging operators to map dependencies and invest in resilient architectures.

🔒 CISA released new guidance called CI Fortify to help critical infrastructure organizations prepare to operate through crises and conflicts and continue delivering essential services while under cyberattack. The guidance centers on two emergency capabilities: Isolation — proactively disconnecting from third-party dependencies and operating without reliable telecommunications — and Recovery — rapidly restoring compromised systems while isolated. CISA urges organizations to begin investing now, test recovery plans, and practice local and manual operations to maintain a baseline of continuity.

🔍 The ODNI’s 2026 Annual Threat Assessment pivots from long-term, global forecasting to active operational reporting and a homeland-centric focus. This shift de-emphasizes detailed tracking of state-led infrastructure campaigns and named operations, leaving gaps in visibility on pre-positioned access. CISOs and CROs are urged to fund a resilience premium and prioritize identity, infrastructure continuity, algorithmic defense, and intelligence integration.

🔁 Amazon has added enhanced consumer offset synchronization to MSK Replicator, improving bidirectional Kafka replication so consumer applications resume from the correct position when moved across clusters. This lets teams move producers and consumers independently, in any order, without risking data loss or duplicate processing. Previously, offsets synchronized only when producers and consumers ran on the same cluster, which required careful migration sequencing. The feature can be enabled via the AWS Console, AWS CLI, or AWS CloudFormation and is available in all Regions where MSK Replicator is offered.

🛡️ Many businesses assume that backing up data equals protection, but backups alone do not sustain operations during outages. The article contrasts traditional backups, which enable post-incident restore, with BCDR solutions that keep systems running through failover and rapid recovery. It cites research showing recovery expectations often exceed real-world performance and recommends hybrid cloud strategies. Datto sponsors the piece and positions its BCDR tools for MSPs.

🔒Thiébaut Meyer and Lia Wertheimer of Google Cloud’s Office of the CISO present a conversation with Matt Rowe, CSO of Lloyds Banking Group, on building resilience across both technology and teams. They argue resilience requires a dual approach: operational resilience through tool consolidation and a secure-by-default architecture, and cultural resilience through psychological safety, disciplined prioritization, and intentional pauses. Practical guidance includes shifting down the stack to reduce sprawl, embedding security goals into business priorities, and leaders modeling transparency to normalize speaking up. The interview frames resilience as a structural design choice rather than an exercise in individual endurance.

📌 A literature review of 38 academic and industry sources finds cyber resilience is inconsistently defined, creating governance and measurement challenges for boards and executive teams. The author argues cyber resilience should be framed in business terms—operational continuity, stakeholder confidence, and financial stability—rather than technical controls alone. Regulatory divergence and sector priorities complicate standardization, so boards need clear, outcome-focused metrics and assigned accountability.

🔧 A former industrial automation engineer turned CISO argues that cybersecurity is fragmented across regulators, vendors, auditors and insurers, creating dangerous seams where correlated failures can cascade beyond organizational boundaries. Despite rising spending, tool proliferation and compliance-focused programs fail to measure or build true resilience, leaving handoffs and interfaces as persistent blind spots. High-profile incidents such as the July 2024 CrowdStrike outage show defensive tools and routine updates can themselves become systemic failure vectors, and the industry must design for graceful degradation rather than audit checkboxes.

⚠️ Organizations are increasingly exposed to systemic cyber risk as digital transformation stitches industries, vendors and platforms together, creating interconnected failure modes that compliance regimes and siloed tools fail to capture. The author—an experienced CISO with an industrial automation background—argues for shifting focus from checkbox-driven audits to architectural resilience and graceful degradation, tying security spend to measurable business survivability rather than isolated tool maturity.

🔒 Backup is now the backbone of business resilience, not just an IT routine. The article presents seven priorities—data prioritization, off-site and immutable copies, automated RPO/RTO, realistic recovery testing, SOC integration, and scalable playbooks—to reduce downtime and ransomware risk. It advocates a modern 3-2-1 approach with immutable cloud copies and daily automated recovery verification. N-able’s Cove Data Protection is cited as an example of a cyber-resilient solution.

🔒 Business resilience begins at the endpoint. Drawing on N-able SOC data, the article highlights that over 900,000 alerts were processed between March and December 2025 and that 18% originated from network and perimeter exploits—threats many endpoint-only tools missed. It prescribes continuous asset visibility, standardized secure configurations, automated patching and remediation, EDR for behavioral detection and response, and integrated backup and recovery to minimize downtime.

⚠️Silos between endpoint, SOC, and backup teams increase incident impact and slow recovery. The article identifies six common failures—unclear roles, fragmented asset and risk views, mismatched policies, disconnected tools, absent cross-team drills, and siloed metrics—and offers concrete fixes. Build a unified RACI, consolidate inventories and logs, align retention and playbooks, integrate EDR/SOC/backup workflows, run joint simulations, and measure resilience with shared KPIs. N-able is presented as a vendor that unifies management, security operations, and data protection to enable automation, faster detection, and safer recovery.

🔒 IT leaders must track six operational metrics to sustain business resilience as threats scale and boards demand measurable outcomes. Drawing on the 2026 N-able State of the SOC Report, the piece highlights MTTD, MTTR, time to recover, endpoint patch compliance, asset and identity coverage, and downtime avoided as core indicators. It shows how automation, integrated platforms, and continuous visibility convert metrics into actionable defense, faster containment, and demonstrable business value.

🔁 Azure IaaS delivers an enterprise-grade platform with built-in capabilities across compute, storage, and networking to help keep mission-critical applications available during hardware issues, maintenance, zonal disruptions, and regional incidents. The platform emphasizes isolation, redundancy, failover, and recovery through features like Virtual Machine Scale Sets, availability zones, and multiple storage redundancy tiers. Networking services such as Azure Load Balancer, Application Gateway, Traffic Manager, and Azure Front Door help maintain reachability and reroute traffic when paths fail. Customers are encouraged to combine these primitives with IaC, testing, and operational practices to meet workload-specific RTO/RPO objectives.