June 1, 2020 By Beth Dunphy 3 min read

In January, the World Economic Forum (WEF) again included cyberattacks as one of the top 10 most likely and significant risks to society in 2020. Less than two months later, ways of working underwent a drastic change due to the global pandemic.

With so many employees working remotely and many business functions now in the cloud, organizations are rethinking their cybersecurity posture. As new ways of work are coupled with a growing prevalence of malware and ransomware, cyber resilience has become top of mind in boardrooms around the world.

What Is Cyber Resilience?

A quick search yields a variety of definitions for cyber resilience. Simply stated, cyber resilience is an organization’s ability to withstand adverse cyber events. A traditional cybersecurity program plans for the protection against cyberthreats and enhances the ability to detect and respond to those threats. Cyber resilience takes this traditional approach a step further by acknowledging that the organization must keep operating in a secure manner when faced with a variety of threats — including, but not limited to, cyberattacks.

Why Cyber Resilience and Why Now?

A 2019 Ponemon Institute study of 3,655 organizations found that 77 percent do not have incident response (IR) plans applied consistently across their organizations. Furthermore, 57 percent of respondents stated they experienced a significant disruption to their IT or business due to a cybersecurity breach. According to a Forbes Insights global survey report, only 42 percent of global executives reported being confident that their organization could recover from a major cyber event without impacting their business.

With so many organizations at risk of experiencing a cyber event and less than half believing they can withstand a major cyber event, what can organizations do?

Improving Cyber Resilience

Build Awareness

The first step to improving cyber resilience is to build awareness across the organization’s leadership that cybersecurity is not just a technical or IT problem — it’s a business problem. Organizations with a higher degree of cyber resilience experience less business impact due to cyber events.

Build Relationships

Forbes found that in many organizations, 60 percent of security IR teams and business continuity teams neither work closely together nor have established relationships. Business continuity teams are charged with identifying threats that can materially impact the organization’s ability to operate. Cyberthreats are so prevalent that business continuity processes must now include them. Likewise, security teams planning response activities for cyberattacks must also understand the business impact of those attacks.

Plan for the Inevitable

As any organization that has experienced a ransomware attack knows, a cyberattack can significantly impair or destroy a business’s ability to operate. Business continuity planning scenarios must include plans for withstanding a cyberattack. Traditional business continuity planning scenarios such as Workplace Unavailability, Workforce Unavailability or Regional Disasters can all be precipitated by a cyberthreat, driving the need for joint planning between business continuity and cybersecurity teams.

Test Together

The National Institute of Standards and Technology (NIST) recommends testing response plans as part of both disaster recovery and IR planning activities. Including cyberthreats as part of business continuity exercise scenarios, as well as including the cybersecurity team as part of the exercise itself, will help the organization be better prepared for both business continuity and disaster recovery in the event of a real-world event. Likewise, cybersecurity teams will find higher quality testing by including both business stakeholders and business continuity team members as part of their incident response testing.

Respond Effectively

Rapid response during any type of crisis — cyber or real-world — generally means less potential impact to the organization. One of the main reasons to plan and test for any type of disaster is to improve the speed and quality of the response effort. In some circles this is known as shortening your OODA loop: Observe, Orient, Decide and Act during a crisis. When teams plan and test together, their OODA loops will be shorter and tighter, leading to more effective and timely response activities.

While organizations increasingly depend on technology to support their businesses, they can no longer afford to treat cybersecurity as a technical issue — it’s a critical facet of their business continuity, and a shift in focus to cyber resilience is required for success. Organizations need a new paradigm, one that is driven by a growing partnership between business stakeholders, business continuity teams and cybersecurity teams, to withstand cyberattacks and continue to operate as they modernize their businesses and embrace new ways of working.
