Cyber-resilient business

As the number of cyberattacks increases, businesses are changing their cybersecurity strategies.


Rather than focus purely on prevention, cyber-resilience focuses on ensuring an organisation can manage, mitigate – and move on from – cyberattacks.  Research conducted by the Ponemon Institute in the UK surveyed 450 IT/IT security professionals to explore what cyber-resilience looks like in the real world.

The key to cyber-resilience is preparedness.  Despite this, only 18% of respondents reported their organisations had a consistent computer security incident response plan (CSIRP).

Interestingly, German respondents are more confident in their organisation’s ability to withstand cyberattacks.  63% said they could contain a cyberattack and 54% reported a high resilience rate (compared to only 25% of US and 29% of UK respondents).

Key findings

  • Organisations are facing a range of cyber-threats, including those created by human error
  • Only 18% of respondents have a well-defined enterprise-wide CSIRP
  • To achieve cyber-resilience, one function must clearly have responsibility for cybersecurity
  • Collaboration between business functions is essential
  • Knowledgeable staff and preparedness are most important to achieving a high level of cyber-resilience
  • Organisational factors can hold back cyber-resilience.  This includes the failure by leaders to recognise the potential damage cyberattacks may cause to the organisation

The full research paper is available to download via Ponemon.