With cybercrime accelerating at an alarming rate, it’s impossible to overstate the importance of cyber resilience, as distinct from cybersecurity, and the competitive benefits it provides to organizations.

In a recent survey, 91% of organizations said that they experienced at least one cyber incident over the last year. What’s more, 51% of respondents said they suffered moderate or significant consequences like financial loss, business disruptions, reputational harm, and regulatory penalties from those incidents.

In this first article in a two-part series, we’ll see how cyber resilience refers to an organization’s ability to endure and recover from cyber-attacks. We’ll investigate how, by improving resiliency, organizations have a better chance of withstanding sophisticated attacks – including ransomware, distributed denial of service (DDoS), and social engineering attacks – and avoiding extensive downtime and data loss.

A cyber resilience strategy includes measures for detecting and responding to cyber-attacks to minimize damage. At a high level, cyber resilience involves optimizing security tools and processes, ensuring business continuity, and implementing risk management policies. The goal is to maintain the delivery of intended outcomes despite challenges or crises.

For example, an organization with strong cyber resilience may create and maintain data backups, train employees on cybersecurity best practices, and use real-time monitoring to detect incidents as they occur. It may also diversify its data center infrastructure and run incoming network traffic through third-party services to mitigate DDoS attacks. Simply put, combining security technologies and methodologies leads to better planning and responsiveness.

Joseph Carson, Chief Security Scientist, Delinea

Cyber resilience vs. cybersecurity Cyber resilience and cybersecurity have the same objective: to protect an organization from threat actors. But while cyber resilience focuses on preparing for and responding to cyber incidents, cybersecurity mainly focuses on awareness and prevention.

Cyber resilience concerns an organization’s ability to continue operating effectively during and after a cyber incident. It involves cybersecurity measures, incident response planning, and business continuity planning. In particular, it:

    • Combines threat protection resilience practices
    • Streamlines incident management and response
    • Prioritizes adaptability, recoverability and durability

Cybersecurity, on the other hand, focuses on protecting systems, networks and devices from unauthorized access, theft, damage and disruption. It requires integrating multiple security systems to build an active, layered defense environment. In particular, it:

    • Reduces exposure to internal and external cyberthreats
    • Combines technologies and frameworks like threat intelligence, vulnerability scanning, Endpoint Detection and Management (EDM), and Privileged Access Management (PAM)
    • Involves regular risk assessments and planning

As you can see, cyber resilience and cybersecurity are related but distinct concepts. In other words, cyber resilience is NOT a replacement for cybersecurity and vice versa. Instead, they work hand-in-hand and, by prioritizing cybersecurity, you can ultimately become more resilient and more effective in your remediation efforts.

Cyber resilience and disaster recovery

Cyber resilience and disaster recovery both reflect an organization’s ability to endure disruptions and maintain business continuity. The main difference is that disaster recovery encompasses a much broader range of threats – including natural disasters like hurricanes, power outages, connectivity loss, and IT failure.

In today’s digital age, with organizations increasingly connected and data-driven, cyber resilience has become a fundamental component of disaster recovery. Achieving cyber resilience is critical for avoiding downtime and data loss, and being able to continue operating and serving customers. Disaster recovery planning must therefore include conducting data assessments, implementing cloud recovery tools, and encrypting backup data.

Business benefits of cyber resilience

Organizations that avoid or delay cyber resilience planning risk suffering catastrophic security incidents. The threat is especially apparent in operational technology (OT) environments where hardware and software interact with the physical world and support public services and infrastructure. In fact, Gartner predicts that by 2025, threat actors will weaponize OT environments and successfully harm humans.

With cybercrime worsening, cyber resilience is now a fundamental business need that organizations can’t afford to ignore. By building a comprehensive cyber resilience strategy, you can enjoy a number of benefits including minimizing financial loss, increasing uptime and availability, and gaining customer trust.

According to IBM, the average global cost of a data breach is US$4.45 million. In Japan, the average cost is US$4.52 million, in South Korea US$3.48, in ASEAN countries US$3.05 million, in Australia US$2.70 million, and in India US$2.18 million. However, the cost of a cyber attack can be much higher when factoring in productivity loss, legal complications and remediation expenses.

Two recent examples suggest that the average cost could be a conservative estimate. Insurer Medibank Australia, for example, expects the one-year cost of its 2022 data breach to be between A$40-A$45 million. And Australian telco Optus has estimated the cost of its 2022 data breach at A$140 million.

By having a robust cyber resilience plan in place, the financial impact of cyber incidents can be minimized since sensitive files, systems, user accounts and applications are protected, and the organization is able to recover quickly and get back to business as usual.

Cybersecurity incidents can disrupt internal business operations, productivity and communications. They often lead to lengthy outages that last several hours or days. With a solid cyber resilience strategy, organizations can ensure that business continues humming along during and after a cyber incident – minimizing downtime and avoiding service delays.

Prioritizing cyber resilience streamlines compliance with various security policies. This leads to better decision-making and helps team members move with greater speed and accuracy when responding to incidents.

Organizations also have a great opportunity to use cyber resilience as a differentiating factor – gaining customer trust and building loyalty. In an age of high-profile data breaches, cybersecurity is a key part of the customer experience and customers increasingly want to work with organizations that protect their personal information and avoid service outages.

Cyber resilience enables enterprise resilience

Enterprise resilience refers to an organization’s capacity to account for and react to change, a necessary capability for surviving and evolving.

Cyber resilience enables enterprise resilience by allowing an organization to continue operating and transforming during times of crisis. And when leaders are confident in security, the company is free to continue focusing on growth goals – like digital transformation and automation – without having to shift priorities and budgets.

Cyber resilience is especially important due to the current IT talent shortage. IT executives presently see the talent shortage as the most significant adoption barrier to 64% of emerging technologies. Gartner also predicts that a lack of talent will contribute to more than half of all significant cyber incidents by 2025.

By focusing on cyber resilience, IT leaders can build safe and efficient operating environments that talented, hard-to-find employees want to work in. As a result, employee stress and burnout decreases, and employee retention and engagement improves.

Most organizations today are integrating digital technologies to improve culture, processes and employee experiences. But digital transformation also exposes organizations to greater risk. In fact, four in 10 organizations link internal fraud incidents to the digital platforms they rely on.

Because cyber resilience identifies potential threats, assesses their impact, and forms concrete actions to address them, it supports digital transformation. This allows organizations to innovate with greater speed, confidence and security, more than justifying the investment required.

In the next instalment of this two-part series, we’ll examine what a cyber resilience framework looks like, the challenges to achieving cyber resilience, and the steps organizations can take to achieve it.