Companies continue to face challenges preparing for and responding to cyberattacks — but there are clear steps security teams can take to improve their cyber resilience and manage today’s cyberthreats. This was the key takeaway from the 2016 global report on resilience from the Ponemon Institute.

Our on-demand webinar, “Key Steps to Improving Your Cyber Resilience,” features Dr. Larry Ponemon of the Ponemon Institute and John Bruce, chief technology officer at IBM Resilient. It explores the study’s findings and provides actionable recommendations to security teams to improve their resilience.

Cyber Resilience Strategy: A Conversation With Dr. Larry Ponemon

Dive into the state of cyber resilience today and explore real-world examples of organizations improving their ability to manage, mitigate and move on from cyberattacks. I had the opportunity to ask Ponemon about his thoughts on some of the most interesting findings from the study.

Question: Cyber resilience is a term that may be new to some people. Can you define it?

Ponemon: We define cyber resilience as “the capacity of an enterprise to maintain its core purpose and integrity in the face of cyberattacks.” In the context of the research we collaborated on, cyber resilience can be seen as the alignment of prevention, detection and response capabilities to manage, mitigate and move on from cyberattacks. A cyber-resilient enterprise is one that can prevent, detect, contain and recover from a plethora of serious threats against data, applications and IT infrastructure.

Why should security leaders strive to improve this?

The first reason to improve cyber resilience is one we all know: Cyberattacks will continue to mount and grow more and more complex and sophisticated. Our data showed that most organizations experienced a data breach in the past year — often more than once.

As this climate continues to worsen, having an improved cyber resilience will be crucial to organizations of any size in any industry.

Second, cyber resilience is an organizational effort. It involves people, process and technology — and the coordination of business units across a company.

There’s no easy fix. Improving cyber resilience takes a commitment to making improvements over a long period of time. Security leaders would be smart to get started today.

What was the most surprising finding overall in the study?

One interesting finding was the emergence of IT process and business process complexity as a new barrier to cyber resilience. In fact, complexity is the second-biggest barrier to cyber resilience, behind only “insufficient planning and preparedness” — a huge leap from 2015.

These complexities can be tied to a number of things, but we often see organizations with a deluge of IT and security tools and processes — and no real overarching system to manage it all. With a lot of fragmented tools and processes in place, a lack of standardization can make everything complex very quickly.

This year, it looks as though the study had more global reach. Were the findings different market by market? If so, how?

Interestingly, Germany and France tended to be outliers on opposite ends of the spectrum for cyber resilience. German organizations are much more confident in their ability to be cyber resilient compared to the other countries we focused on. These companies reported placing a high value on being cyber resilient and saw importance in having skilled security employees within the organization.

On the other hand, French organizations felt largely the opposite. They reported the lowest confidence in their cyber resilience abilities but did not place much as much value in this compared to the other countries. They also placed a lower priority than others in getting skilled security employees on staff.

Are there ways that companies can improve their cyber resilience?

The key is to start from the top down and get executive buy-in. This goes beyond just getting the right tools in place and checking the box. With executive buy-in, security becomes a part of the culture.

It is not easy to become completely cyber resilient, but a real effort to combine the technology with people and process will certainly improve the situation. If the executives are committed and providing guidance and prioritization, they can create a sense of value around security for the entire organization.

This will play a role in recruiting to help fill skills gaps, as well as empowering existing employees to improve their process, cyber resilience and overall security.

Watch the complete on-demand webinar to learn more about how to improve you cyber resilience

More from Incident Response

How I got started: Incident responder

3 min read - As a cybersecurity incident responder, life can go from chill to chaos in seconds. What is it about being an incident responder that makes people want to step up for this crucial cybersecurity role?With our How I Got Started series, we learn from experts in their field and find out how they got started and what advice they have for anyone looking to get into the field.In this Q&A, we spoke with IBM’s own Dave Bales, co-lead X-Force Incident Command…

How Paris Olympic authorities battled cyberattacks, and won gold

3 min read - The Olympic Games Paris 2024 was by most accounts a highly successful Olympics. Some 10,000 athletes from 204 nations competed in 329 events over 16 days. But before and during the event, authorities battled Olympic-size cybersecurity threats coming from multiple directions.In preparation for expected attacks, authorities took several proactive measures to ensure the security of the event.Cyber vigilance programThe Paris 2024 Olympics implemented advanced threat intelligence, real-time threat monitoring and incident response expertise. This program aimed to prepare Olympic-facing organizations…

How CIRCIA is changing crisis communication

3 min read - Read the previous article in this series, PR vs cybersecurity teams: Handling disagreements in a crisis. When the Colonial Pipeline attack happened a few years ago, widespread panic and long lines at the gas pump were the result — partly due to a lack of reliable information. The attack raised the alarm about serious threats to critical infrastructure and what could happen in the aftermath. In response to this and other high-profile cyberattacks, Congress passed the Cyber Incident Reporting for Critical…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today