In January, the World Economic Forum (WEF) again included cyberattacks as one of the top 10 most likely and significant risks to society in 2020. Less than two months later, ways of working underwent a drastic change due to the global pandemic.

With so many employees working remotely and many business functions now in the cloud, organizations are rethinking their cybersecurity posture. As new ways of work are coupled with a growing prevalence of malware and ransomware, cyber resilience has become top of mind in boardrooms around the world.

What Is Cyber Resilience?

A quick search yields a variety of definitions for cyber resilience. Simply stated, cyber resilience is an organization’s ability to withstand adverse cyber events. A traditional cybersecurity program plans for the protection against cyberthreats and enhances the ability to detect and respond to those threats. Cyber resilience takes this traditional approach a step further by acknowledging that the organization must keep operating in a secure manner when faced with a variety of threats — including, but not limited to, cyberattacks.

Why Cyber Resilience and Why Now?

A 2019 Ponemon Institute study of 3,655 organizations found that 77 percent do not have incident response (IR) plans applied consistently across their organizations. Furthermore, 57 percent of respondents stated they experienced a significant disruption to their IT or business due to a cybersecurity breach. According to a Forbes Insights global survey report, only 42 percent of global executives reported being confident that their organization could recover from a major cyber event without impacting their business.

With so many organizations at risk of experiencing a cyber event and less than half believing they can withstand a major cyber event, what can organizations do?

Improving Cyber Resilience

Build Awareness

The first step to improving cyber resilience is to build awareness across the organization’s leadership that cybersecurity is not just a technical or IT problem — it’s a business problem. Organizations with a higher degree of cyber resilience experience less business impact due to cyber events.

Build Relationships

Forbes identified that 60 percent of security IR teams and business continuity teams do not work closely together or have established relationships in many organizations. Business continuity teams are charged with identifying threats that can materially impact the organization’s ability to operate. Cyberthreats are so prevalent that our business continuity processes must now include them. Likewise, security teams who are planning response activities for cyberattacks must also understand the business impact of those attacks.

Plan for the Inevitable

As any organization that has experienced a ransomware attack knows, a cyberattack can significantly impact or destroy a business’ ability to operate. Business continuity planning scenarios must include plans for withstanding a cyberattack. Traditional business continuity planning scenarios such as Workplace Unavailability, Workforce Unavailability or Regional Disasters can all be precipitated by a cyberthreat, driving the need for joint planning between business continuity and cybersecurity teams.

Test Together

The National Institute of Standards and Technology (NIST) recommends testing response plans as part of both disaster recovery and IR planning activities. Including cyberthreats as part of business continuity exercise scenarios, as well as including the cybersecurity team as part of the exercise itself, will help the organization be better prepared for both business continuity and disaster recovery in the event of a real-world event. Likewise, cybersecurity teams will find higher quality testing by including both business stakeholders and business continuity team members as part of their incident response testing.

Respond Effectively

Rapid response during any type of crisis — cyber or real-world — generally means less potential impact to the organization. One of the main reasons to plan and test for any type of disaster is to improve the speed and quality of the response effort. In some circles this is known as reducing your OODA Loop, where you Observe, Orient, Decide and Act during a crisis. When teams plan and test together, their OODA loops will be shorter and tighter, leading to more effective and timely response activities.

While organizations increasingly depend on technology to support their businesses, they can no longer afford to treat cybersecurity as a technical issue — it’s a critical facet of their business continuity, and a shift in focus to cyber resilience is required for success. Organizations need a new paradigm, one that is driven by a growing partnership between business stakeholders, business continuity teams and cybersecurity teams, to withstand cyberattacks and continue to operate as they modernize their businesses and embrace new ways of working.

More from CISO

How to Solve the People Problem in Cybersecurity

You may think this article is going to discuss how users are one of the biggest challenges to cybersecurity. After all, employees are known to click on unverified links, download malicious files and neglect to change their passwords. And then there are those who use their personal devices for business purposes and put the network at risk. Yes, all those people can cause issues for cybersecurity. But the people who are usually blamed for cybersecurity issues wouldn’t have such an…

The Cyber Battle: Why We Need More Women to Win it

It is a well-known fact that the cybersecurity industry lacks people and is in need of more skilled cyber professionals every day. In 2022, the industry was short of more than 3 million people. This is in the context of workforce growth by almost half a million in 2021 year over year per recent research. Stemming from the lack of professionals, diversity — or as the UN says, “leaving nobody behind” — becomes difficult to realize. In 2021, women made…

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

Detecting the Undetected: The Risk to Your Info

IBM’s Advanced Threat Detection and Response Team (ATDR) has seen an increase in the malware family known as information stealers in the wild over the past year. Info stealers are malware with the capability of scanning for and exfiltrating data and credentials from your device. When executed, they begin scanning for and copying various directories that usually contain some sort of sensitive information or credentials including web and login data from Chrome, Firefox, and Microsoft Edge. In other instances, they…