Organizations can’t protect against everything. They can’t predict what will happen next or how severe the attack may be. This places a great deal of focus on resiliency, an ability to recover from a damaging breach.

While some organizations may feel that the cybersecurity gap is being closed, a startling number lack confidence in preparedness for a serious attack. To shed new light on the world of data protection and cyber resiliency, theCUBE, SiliconANGLE Media’s livestreaming studio, recently hosted the “Navigating the Road to Cyber Resiliency” event, made possible by Dell Technologies Inc.

Interviews with Dell executives and an industry analyst helped put cyber resiliency into context and provided valuable perspectives on the market and industry trends. (* Disclosure below.)

Here are three insights you might have missed from theCUBE’s livestreamed event:

1. A silicon root of trust is more important than ever.

Root of trust is grounded in the principle that safety starts with the boot of legitimate code in any computer. At the hardware level, a chip validates that the first bit of code is legitimate by checking it against an encrypted signature.

This process can mean the difference between worry free computing and complete disaster. If the hardware has been corrupted, it could give total access and control to a malicious actor.

Working with component suppliers like Broadcom Inc., Dell relies on hardware chips to verify legitimate code using an immutable key burned into silicon at the factory. Silicon root of trust provides a key first step in securing the hardware supply chain.

“If you think about things like our Broadcom components, silicon root of trust becomes really so important,” said Rob Emsley, head of data protection and cyber resiliency marketing at Dell, in an interview with theCUBE during the event. “It’s the fact that the infrastructure you deploy comes through a secure supply chain that we guarantee and has got to you in a very secure way. The goal is to stay secure against evolving threats.”

Here is theCUBE’s complete video interview with Rob Emsley:

2. Cyber insurance is expensive but also part of a risk strategy.

The cost of doing business has risen significantly for many businesses over the past two years, and that includes the purchase of cyber insurance. Insurance broker Marsh reported that cyber insurance premiums increased in cost 28% year-over-year by the end of 2022. The question being asked by many firms is whether they can afford not to carry insurance against cyberattack. 

According to Dell, $13 million is the average cost to organizations resulting from cybercrime and $6 trillion was the estimated global impact of cybercrime in 2021. In addition to the overall cost, the problem could be that firms fail to implement viable protection strategies because of complacency triggered by the insurance coverage. This places more emphasis on the need for implementing comprehensive zero-trust policies throughout the organization, according to Jim Shook (pictured), director of cybersecurity and compliance practice at Dell, during an interview with theCUBE.

“Cyber insurance is definitely a component of an overall risk strategy,” Shook said. “You help to transfer some of the risk, but it’s not the strategy. In fact, in today’s world, if you don’t have good cybersecurity, you may not be able to get a policy at all.”

Here is theCUBE’s complete video interview with Jim Shook:

3. The federal government is all in on zero trust for network protection.

When the White House issued an Executive Order in spring 2021 on improving the nation’s cybersecurity, zero trust was prominently mentioned. Zero trust is a security framework that requires all users to be authenticated for network access.

The Biden Administration mandated that the federal government must advance zero-trust architecture for its systems. The edict was followed eight months later by the release of a federal strategy by the Office of Management and Budget to implement zero trust throughout federal government agencies. In October, the government’s chief information security officer announced that agencies had moved into the implementation phase for zero-trust practices.

The deadline for federal agencies to reach full implementation is a little over a year away. The government’s push toward zero trust serves to raise awareness about the framework’s ability to protect systems and data at a time when many networks are under relentless attack.

“Zero trust is really all about the way. It’s not just a technology; it’s really a culture,” said Daniel Newman, chief executive officer of the Futurum Group, in an interview with theCUBE. “Zero trust is one of the things they’ve focused on for the federal and public sector. We’re seeing it in government; we’re seeing it in enterprise. This is a really big thing.”

Here is theCUBE’s complete video interview with Daniel Newman:

Watch theCUBE’s coverage of ‘Navigating the Road to Cyber Resiliency’ event below:

(* Disclosure: TheCUBE is a paid media partner for the “Navigating the Road to Cyber Resiliency” event. Neither Dell Technologies Inc., the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE