June 1, 2020 By Beth Dunphy 3 min read

In January, the World Economic Forum (WEF) again included cyberattacks as one of the top 10 most likely and significant risks to society in 2020. Less than two months later, ways of working underwent a drastic change due to the global pandemic.

With so many employees working remotely and many business functions now in the cloud, organizations are rethinking their cybersecurity posture. As new ways of work are coupled with a growing prevalence of malware and ransomware, cyber resilience has become top of mind in boardrooms around the world.

What Is Cyber Resilience?

A quick search yields a variety of definitions for cyber resilience. Simply stated, cyber resilience is an organization’s ability to withstand adverse cyber events. A traditional cybersecurity program plans for the protection against cyberthreats and enhances the ability to detect and respond to those threats. Cyber resilience takes this traditional approach a step further by acknowledging that the organization must keep operating in a secure manner when faced with a variety of threats — including, but not limited to, cyberattacks.

Why Cyber Resilience and Why Now?

A 2019 Ponemon Institute study of 3,655 organizations found that 77 percent do not have incident response (IR) plans applied consistently across their organizations. Furthermore, 57 percent of respondents stated they experienced a significant disruption to their IT or business due to a cybersecurity breach. According to a Forbes Insights global survey report, only 42 percent of global executives reported being confident that their organization could recover from a major cyber event without impacting their business.

With so many organizations at risk of experiencing a cyber event and less than half believing they can withstand a major cyber event, what can organizations do?

Improving Cyber Resilience

Build Awareness

The first step to improving cyber resilience is to build awareness across the organization’s leadership that cybersecurity is not just a technical or IT problem — it’s a business problem. Organizations with a higher degree of cyber resilience experience less business impact due to cyber events.

Build Relationships

Forbes identified that 60 percent of security IR teams and business continuity teams do not work closely together or have established relationships in many organizations. Business continuity teams are charged with identifying threats that can materially impact the organization’s ability to operate. Cyberthreats are so prevalent that our business continuity processes must now include them. Likewise, security teams who are planning response activities for cyberattacks must also understand the business impact of those attacks.

Plan for the Inevitable

As any organization that has experienced a ransomware attack knows, a cyberattack can significantly impair or destroy a business's ability to operate. Business continuity planning scenarios must include plans for withstanding a cyberattack. Traditional business continuity planning scenarios such as Workplace Unavailability, Workforce Unavailability or Regional Disasters can all be precipitated by a cyberthreat, driving the need for joint planning between business continuity and cybersecurity teams.

Test Together

The National Institute of Standards and Technology (NIST) recommends testing response plans as part of both disaster recovery and IR planning activities. Including cyberthreats in business continuity exercise scenarios, and including the cybersecurity team in the exercise itself, will help the organization be better prepared for both business continuity and disaster recovery when a real incident occurs. Likewise, cybersecurity teams will get higher-quality testing by including both business stakeholders and business continuity team members in their incident response testing.

Respond Effectively

Rapid response during any type of crisis — cyber or real-world — generally means less potential impact to the organization. One of the main reasons to plan and test for any type of disaster is to improve the speed and quality of the response effort. In some circles this is known as shortening your OODA loop, the cycle in which you Observe, Orient, Decide and Act during a crisis. When teams plan and test together, their OODA loops will be shorter and tighter, leading to more effective and timely response activities.

While organizations increasingly depend on technology to support their businesses, they can no longer afford to treat cybersecurity as a technical issue — it’s a critical facet of their business continuity, and a shift in focus to cyber resilience is required for success. Organizations need a new paradigm, one that is driven by a growing partnership between business stakeholders, business continuity teams and cybersecurity teams, to withstand cyberattacks and continue to operate as they modernize their businesses and embrace new ways of working.
