We’ve been extolling the virtues of cyber resilience a lot lately – and for good reason. The approach, which describes the ability to prepare for, respond to and recover from security incidents, is quickly becoming accepted by information security experts as the best way for organisations to address their cyber security needs.
But it’s not only experts who are saying this. Ponemon Institute’s Third Annual Study on the Cyber Resilient Organization found that senior managers are recognising the importance of cyber resilience.
The report found that awareness levels increased from 47% in 2015 to 57% in 2017. Meanwhile, 72% of respondents said their cyber resilience processes had improved in the past 12 months.
Why cyber resilience is important
The reason for the widespread acceptance of cyber resilience is that organisations and experts are recognising that the threat landscape is changing. According to Ponemon Institute:
- 64% of respondents said the volume of security incidents has increased in the past 12 months;
- 65% said the severity of incidents has increased; and
- 57% said the time it takes to resolve an incident has increased.
With breaches occurring so regularly, organisations are realising that it’s impossible to prevent every risk and that security incidents are a matter of ‘when’ and not ‘if’.
That doesn’t mean resigning yourself to regular disasters, though. It means accounting for the fact that data protection and incident response are continuations of one another. Cyber resilience enables organisations to build their strategies with this in mind, rather than balancing two separate approaches.
Budgeting for cyber resilience
Only 31% of respondents said they had an adequate cyber resilience budget in place. Organisations that were able to invest significantly said the most influential factors were:
- The appointment of more skilled personnel (61%);
- Improved information governance practices (60%);
- Better visibility into applications and data assets (57%);
- Implementation of new technology, such as automation and AI (47%); and
- Elimination of silo and turf issues (39%).
Is your organisation cyber resilient?
Find out whether your organisation is cyber resilient by taking our self-assessment. It’s free and can be completed in less than five minutes.
Once you’re done, our experts will give you the advice you need to kickstart your cyber resilience project and direct you towards the tools and services that can speed up the process.