Light Dark
January 20, 2017 By Maria Battaglia 3 min read
Incident Response
Risk Management

Companies continue to face challenges preparing for and responding to cyberattacks — but there are clear steps security teams can take to improve their cyber resilience and manage today’s cyberthreats. This was the key takeaway from the 2016 global report on resilience from the Ponemon Institute.

Our on-demand webinar, “Key Steps to Improving Your Cyber Resilience,” features Dr. Larry Ponemon of the Ponemon Institute and John Bruce, chief technology officer at IBM Resilient. It explores the study’s findings and provides actionable recommendations to security teams to improve their resilience.

Cyber Resilience Strategy: A Conversation With Dr. Larry Ponemon

Dive into the state of cyber resilience today and explore real-world examples of organizations improving their ability to manage, mitigate and move on from cyberattacks. I had the opportunity to ask Ponemon about his thoughts on some of the most interesting findings from the study.

Question: Cyber resilience is a term that may be new to some people. Can you define it?

Ponemon: We define cyber resilience as “the capacity of an enterprise to maintain its core purpose and integrity in the face of cyberattacks.” In the context of the research we collaborated on, cyber resilience can be seen as the alignment of prevention, detection and response capabilities to manage, mitigate and move on from cyberattacks. A cyber-resilient enterprise is one that can prevent, detect, contain and recover from a plethora of serious threats against data, applications and IT infrastructure.

Why should security leaders strive to improve this?

The first reason to improve cyber resilience is one we all know: Cyberattacks will continue to mount and grow more and more complex and sophisticated. Our data showed that most organizations experienced a data breach in the past year — often more than once.

As this climate continues to worsen, having an improved cyber resilience will be crucial to organizations of any size in any industry.

Second, cyber resilience is an organizational effort. It involves people, process and technology — and the coordination of business units across a company.

There’s no easy fix. Improving cyber resilience takes a commitment to making improvements over a long period of time. Security leaders would be smart to get started today.

What was the most surprising finding overall in the study?

One interesting finding was the emergence of IT process and business process complexity as a new barrier to cyber resilience. In fact, complexity is the second-biggest barrier to cyber resilience, behind only “insufficient planning and preparedness” — a huge leap from 2015.

These complexities can be tied to a number of things, but we often see organizations with a deluge of IT and security tools and processes — and no real overarching system to manage it all. With a lot of fragmented tools and processes in place, a lack of standardization can make everything complex very quickly.

This year, it looks as though the study had more global reach. Were the findings different market by market? If so, how?

Interestingly, Germany and France tended to be outliers on opposite ends of the spectrum for cyber resilience. German organizations are much more confident in their ability to be cyber resilient compared to the other countries we focused on. These companies reported placing a high value on being cyber resilient and saw importance in having skilled security employees within the organization.

On the other hand, French organizations felt largely the opposite. They reported the lowest confidence in their cyber resilience abilities but did not place much as much value in this compared to the other countries. They also placed a lower priority than others in getting skilled security employees on staff.

Are there ways that companies can improve their cyber resilience?

The key is to start from the top down and get executive buy-in. This goes beyond just getting the right tools in place and checking the box. With executive buy-in, security becomes a part of the culture.

It is not easy to become completely cyber resilient, but a real effort to combine the technology with people and process will certainly improve the situation. If the executives are committed and providing guidance and prioritization, they can create a sense of value around security for the entire organization.

This will play a role in recruiting to help fill skills gaps, as well as empowering existing employees to improve their process, cyber resilience and overall security.

Watch the complete on-demand webinar to learn more about how to improve you cyber resilience

Maria Battaglia
CMO, IBM Resilient

More from Incident Response
October 6, 2023

X-Force uncovers global NetScaler Gateway credential harvesting campaign

6 min read - This post was made possible through the contributions of Bastien Lardy, Sebastiano Marinaccio and Ruben Castillo. In September of 2023, X-Force uncovered a campaign where attackers were exploiting the vulnerability identified in CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user credentials. The campaign is another example of increased interest from cyber criminals in credentials. The 2023 X-Force cloud threat report found that 67% of cloud-related…

September 27, 2023

Tequila OS 2.0: The first forensic Linux distribution in Latin America

3 min read - Incident response teams are stretched thin, and the threats are only intensifying. But new tools are helping bridge the gap for cybersecurity pros in Latin America. IBM Security X-Force Threat Intelligence Index 2023 found that 12% of the security incidents X-force responded to were in Latin America. In comparison, 31% were in the Asia-Pacific, followed by Europe with 28%, North America with 25% and the Middle East with 4%. In the Latin American region, Brazil had 67% of incidents that…

August 31, 2023

Alert fatigue: A 911 cyber call center that never sleeps

4 min read - Imagine running a 911 call center where the switchboard is constantly lit up with incoming calls. The initial question, “What’s your emergency, please?” aims to funnel the event to the right responder for triage and assessment. Over the course of your shift, requests could range from soft-spoken “I’m having a heart attack” pleas to “Where’s my pizza?” freak-outs eating up important resources. Now add into the mix a volume of calls that burnout kicks in and important threats are missed.…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature