The Cyber Resilient Organization, Part I: Building Cyber Resiliency

By: Kaustubh Vazalwar

Cyber resiliency is becoming a top priority as organizations take advantage of the latest digital technologies, broaden their global customer base and mine the world’s newest natural resource — data.

Cloud computing, artificial intelligence, the Internet of Things, blockchain and the proliferation of social media have taken human connection and data accessibility to unprecedented heights. Their power and influence on business make our efforts to protect them from harm that much more significant. So, how can organizations begin to establish and prioritize cyber resiliency and use its core purpose to promote long-term business growth?

In an article for Harvard Business Review, Diane Coutu defines resilience as “the skill and the capacity to be robust under conditions of enormous stress and change.”1 While stressful conditions are hard to avoid in any line of work, an organization’s capacity to withstand IT threats and move forward to pursue its business objectives can always be improved.

Build a Resilient Organization

In her article, “How Resilience Works,” Coutu explains that all resilient organizations share three fundamental characteristics:

  • Facing down reality
  • The propensity to make meaning of terrible times
  • Ritualized ingenuity

The first step to becoming a cyber resilient organization is accepting that cyberthreats to your organization are real. It’s no longer a matter of if, but when, and many companies may already be unknowingly compromised. This is especially important in the era of advanced persistent threats, in which cybercriminals hide inside an organization’s IT environment over a long period of time.

Organizations must also equip themselves with the right tools, as well as experts who can locate vulnerabilities and find solutions before a cyberattack or other IT failure occurs. Businesses also need leadership that is committed to empowering employees by implementing long-term strategies that stop repeated incidents. Organizations should also make use of AI and cognitive technologies, as well as predictive analytics for pattern recognition, to detect and thwart potential threats.

Finally, in the midst of these evolving cyberattacks, the most successful cyber resilient organizations will outpace their competition by being inventive, original and aggressive. They won’t compromise security for growth; clients will feed off of that level of accountability.

In my mind, cyber resilience should be viewed as the skill and the ability to foresee, analyze, defend, recover and learn to improvise from stressful conditions or events that impact critical, cyber-enabled resources. I’m confident that with the right set of values, committed leadership and a collective commitment to security, every organization is capable of becoming cyber resilient.

Learn more about IBM Business Resiliency Services, or talk to an IBM expert about your specific needs.

Read Part II and Part III of The Cyber Resilient Organization blog series.


[1] https://hbr.org/2002/05/how-resilience-works

Topics: , ,

About The Author

Kaustubh Vazalwar

Group Manager : Global Resiliency, IBM

Kaustubh is a seasoned & certified resiliency professional with experience in strategic as well as technological aspects of business. His experience spans in the area of Infrastructure & Information security implementation & consulting, Business Continuity as well as IT Disaster Recovery Planning (BCP/DRP) & management, Cyber security, Information Risk Management services, Operational risk management, IS... Read More