As cyber resilience has shifted from an IT and security issue to a whole-business imperative, knowing how to build it effectively through C-level leadership, evolving investment and the right balance of talent can make all the difference.
The fifth episode of the series explores how to build effective cyber resilience across your organisation, and how it is a community effort, from boardroom level to the data center. Also explored is how resilience is not a ‘one and done’ investment, and how evolving threats and risks mean perceptions of how organisations should undertake building cyber resilience have also evolved.
In this episode of “Need to Know” host Liz Green, EMEA Advisory & Cyber Lead at Dell Technologies, is joined by William McLeod-Scott, Partner, Risk Advisory with Deloitte.
Listen In To Learn
- Why leadership from the C-suite is vital in building cyber resilience, but as part of a wider community
- How cyber resilience have moved from an IT and security issue to becoming a business imperative
- Why cyber resilience strategy needs to be part of your overall strategy, not siloed on its own
- What the shift in focus from identification and prevention to response and recovery means for organisations looking to strengthen their resilience
Starting at the beginning
“It’s about making sure that cyber resilience is part of an overall strategy – not a strategy all on its own”. – William McLeod-Scott
Understanding where to begin in building strong cyber resilience requires understanding who within your organisation is responsible for building it – and that is everyone across the business. While strong and directed C-suite level leadership is required for setting out a solid strategy, resilience (or lack thereof) is something that will affect the entire organisation, and the day-to-day of building it is the responsibility of everyone from the top down.
It’s an ongoing investment, not ‘one and done’
It is not simply a case of boards and managers needing to begin investing in cyber resilience – senior leadership has been investing in aspects of it for some time. When discussing cyber resilience strategy and the need for additional investment, ‘haven’t we already paid for this?’ is not an unfair question.
It is vital that ongoing investment in cyber resilience ensures that it works in conjunction with all other current business continuity, technology and security strategies, fitting together seamlessly to ensure a high standard of protection across the organisation. It is also important to examine worst case scenarios and stick to the maxim of ‘prepare for the worst, hope for the best’, especially in industries like Financial Services, where pervasive ransomware attacks are common and highly damaging if not recovered from well. Regulators are increasingly demanding organisations show evidence of preparing for ‘severe but plausible’ scenarios, so getting it right is paramount for compliance.
Building the winning team
“You can’t expect amateurs to turn up and provide you with real insight.” – William McLeod-Scott
Building effective cyber resilience is very much a team sport, relying on the skills and collaboration of a range of specialists and teams to establish and run consistently. While most organisations won’t be able to afford retaining a dedicated team of specialists at all times and keep their business commercially successful, experienced consultancy from outside professionals is invaluable when it comes to preparation and recovery planning.
At Dell Technologies, our objective is to provide a deep and broad portfolio of products, delivering specialist solutions for our clients, and partners enabling these solutions. To find out more about our range of cyber resilience solutions and how these can help inform your security strategy, click here.
You can listen to all episodes of “Need to Know” podcast, including this conversation on cyber resilience, here.
