December 2, 2016 By John Bruce 2 min read

Last month, we released findings from the Ponemon Institute’s second annual study on cyber resilience, titled “The 2016 Cyber Resilient Organization.” The report assessed organizations’ ability to respond to and recover from cyberattacks and identified the top challenges facing IT professionals today.

When we compared this new data to last year’s results, it was clear that organizations were still unprepared to deal with cyberattacks. In fact, it’s actually getting tougher: Only 32 percent of IT and security professionals reported that their organization had a high level of cyber resilience, down from 35 percent in 2015.

The study also provided insights into the challenges that impede organizations from improving their resilience. For example:

  • Two-thirds (66 percent) cited “insufficient planning and preparedness” as a top barrier to cyber resilience.
  • About 41 percent said the time to resolve a cyber incident has increased or increased significantly, while only 31 percent said it has decreased.
  • A whopping 75 percent admitted their organization lacks a formal, consistent incident response (IR) plan.

Three Ways to Become Cyber Resilient

It’s clear that the challenges are significant and steep. The good news is that the study offered organizations steps to increase cyber resilience. Below are three initiatives outlined in the report that organizations can implement today:

1. Prioritize Planning and Preparation

Improved cyber resilience starts by preparing for cyberattacks. Respondents said that “preparedness” is the single most important factor to achieving cyber resilience.

Security leaders should work toward building consistent and repeatable workflows to quickly investigate and mitigate cybersecurity incidents.

2. Improve Incident Response Across People, Processes and Technology

It’s critical to establish a plan for incident response, but it’s just as important to ensure your plans and workflows are optimized. Security leaders should measure and assess the performance of their IR teams, and streamline and refine processes when needed.

Simulations and tabletop exercises can help ensure that all relevant parties — from the IR team to legal, marketing and executives — are well-versed in the organization’s IR protocols before they’re needed in a real-world incident.

It’s also critical to arm your team with the proper technology. According to respondents, an incident response platform (IRP) is among the most effective security technologies for helping organizations become cyber resilient.

3. Leverage Threat-Sharing Programs

Threat intelligence and threat sharing continue to present a seemingly equal amount of promise and concern for organizations. About half of respondents said their organization participates in an initiative or program for sharing information with government and industry peers. The others are not yet persuaded.

While questions about the cost and usefulness of these programs persist, organizations are increasingly seeing tangible benefits:

  • About 81 percent of respondents said threat sharing improves the security posture of their organization.
  • Three-fourths (75 percent) of respondents said it increases the effectiveness of their incident response.
  • More than half (53 percent) of respondents said it enhances the timeliness of incident response.

It’s important to make threat intelligence work for your specific organization. That includes figuring out how to effectively categorize and act on the intelligence provided as well as filtering out redundancies and noise. When implemented properly, threat sharing can enable important improvements.

More from

What does resilience in the cyber world look like in 2025 and beyond?

6 min read -  Back in 2021, we ran a series called “A Journey in Organizational Resilience.” These issues of this series remain applicable today and, in many cases, are more important than ever, given the rapid changes of the last few years. But the term "resilience" can be difficult to define, and when we define it, we may limit its scope, missing the big picture.In the age of generative artificial intelligence (gen AI), the prevalence of breach data from infostealers and the near-constant…

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Protecting your digital assets from non-human identity attacks

4 min read - Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps.The use of non-human identities (NHIs) to power business-critical applications — especially those used in cloud computing environments or when facilitating service-to-service connections — has opened the doors for seamless operational efficiency. Unfortunately, these doors aren’t the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today