Companies continue to face challenges preparing for and responding to cyberattacks — but there are clear steps security teams can take to improve their cyber resilience and manage today’s cyberthreats. This was the key takeaway from the 2016 global report on resilience from the Ponemon Institute.

Our on-demand webinar, “Key Steps to Improving Your Cyber Resilience,” features Dr. Larry Ponemon of the Ponemon Institute and John Bruce, chief technology officer at IBM Resilient. It explores the study’s findings and provides actionable recommendations to security teams to improve their resilience.

Cyber Resilience Strategy: A Conversation With Dr. Larry Ponemon

Dive into the state of cyber resilience today and explore real-world examples of organizations improving their ability to manage, mitigate and move on from cyberattacks. I had the opportunity to ask Ponemon about his thoughts on some of the most interesting findings from the study.

Question: Cyber resilience is a term that may be new to some people. Can you define it?

Ponemon: We define cyber resilience as “the capacity of an enterprise to maintain its core purpose and integrity in the face of cyberattacks.” In the context of the research we collaborated on, cyber resilience can be seen as the alignment of prevention, detection and response capabilities to manage, mitigate and move on from cyberattacks. A cyber-resilient enterprise is one that can prevent, detect, contain and recover from a plethora of serious threats against data, applications and IT infrastructure.

Why should security leaders strive to improve this?

The first reason to improve cyber resilience is one we all know: Cyberattacks will continue to mount and grow more and more complex and sophisticated. Our data showed that most organizations experienced a data breach in the past year — often more than once.

As this climate continues to worsen, having an improved cyber resilience will be crucial to organizations of any size in any industry.

Second, cyber resilience is an organizational effort. It involves people, process and technology — and the coordination of business units across a company.

There’s no easy fix. Improving cyber resilience takes a commitment to making improvements over a long period of time. Security leaders would be smart to get started today.

What was the most surprising finding overall in the study?

One interesting finding was the emergence of IT process and business process complexity as a new barrier to cyber resilience. In fact, complexity is the second-biggest barrier to cyber resilience, behind only “insufficient planning and preparedness” — a huge leap from 2015.

These complexities can be tied to a number of things, but we often see organizations with a deluge of IT and security tools and processes — and no real overarching system to manage it all. With a lot of fragmented tools and processes in place, a lack of standardization can make everything complex very quickly.

This year, it looks as though the study had more global reach. Were the findings different market by market? If so, how?

Interestingly, Germany and France tended to be outliers on opposite ends of the spectrum for cyber resilience. German organizations are much more confident in their ability to be cyber resilient compared to the other countries we focused on. These companies reported placing a high value on being cyber resilient and saw importance in having skilled security employees within the organization.

On the other hand, French organizations felt largely the opposite. They reported the lowest confidence in their cyber resilience abilities but did not place as much value in this compared to the other countries. They also placed a lower priority than others on getting skilled security employees on staff.

Are there ways that companies can improve their cyber resilience?

The key is to start from the top down and get executive buy-in. This goes beyond just getting the right tools in place and checking the box. With executive buy-in, security becomes a part of the culture.

It is not easy to become completely cyber resilient, but a real effort to combine the technology with people and process will certainly improve the situation. If the executives are committed and providing guidance and prioritization, they can create a sense of value around security for the entire organization.

This will play a role in recruiting to help fill skills gaps, as well as empowering existing employees to improve their process, cyber resilience and overall security.

Watch the complete on-demand webinar to learn more about how to improve your cyber resilience.
