Business Model &
Workforce Transformation

Efficiency and effectiveness:
Driving change across the business cycle

Operational &
Financial Resilience

Creative destruction:
Building resilience from the balance sheet up

Digital Trust
& Ecosystems

A new world of threats:
Managing cybersecurity risk in changing times

Escalation Planning
& Response

The Anatomy of a Crisis:
The right approach to crisis preparedness is a holistic one

Remediation &
Dispute Resolution

Investigations and disputes in a post-COVID world:
When will the storm hit?

Government &
Stakeholder Relations

Strength in leadership:
The new rules of stakeholder engagement

Economic Impact
& Sustainability

Resilience and Sustainability:
Two sides of the same coin?

Real-Time Data
Analytics

Data is the lifeblood of resilient businesses

The most successful organisations in coming years will be those that recognise cyber resilience as a vital source of competitive advantage – but for now, cybersecurity strategy could be key to survival in a world disrupted by COVID-19.

More than

1 in 5

business leaders surveyed had lost customer information through cybersecurity incidents

Companies receive

the media attention in the month following a cyber breach, and

the social media coverage

Cyber attacks were already frequent before the outbreak of COVID-19. According to FTI Consulting’s Resilience Barometer™ 2020 (published in January), 20% of organisations had been victims of a ransom or data hostage situation.

Ongoing digitisation of business means cyber attacks can inflict damage right across commercial ecosystems. Of companies experiencing cyber attacks, 27% lose revenue and similar proportions lose assets or customer information. Reputational harm is another danger. FTI research indicates that on average, a company receives five times more media coverage and eight times more social media coverage in the month after a cyber breach than in normal conditions.

Despite these risks, a worrying 90% of Barometer respondents reported gaps in their organisations’ cybersecurity defences. Now, more than ever, it’s vital to address these gaps and mitigate risks in a dynamic, increasingly vulnerable world.

ESTABLISHING A CYBER RISK MITIGATION STRATEGY

Resilience across the business can best be achieved through a comprehensive cyber risk mitigation strategy. This entails analysing the organisation’s unique cyber risk profile, creating and maintaining organisation-wide cybersecurity awareness, identifying critical assets, and developing and testing business continuity and incident response plans.

The strategy must be driven by the CEO and Board. For that to happen, cybersecurity leaders and advisers should explain the issues in a way that makes sense to senior management, focusing on commercial imperatives rather than technicalities.

Through holistic management of cyber risk, businesses can mitigate threats and reduce downtime. If an incident does occur, resilient organisations can respond effectively, safeguard their reputation, and restore trust in their digital ecosystems.

of business leaders surveyed believed they had gaps in their cybersecurity frameworks

of business leaders surveyed had been victims of ransom or data-hostage situations

of business leaders surveyed believed the gaps in their cybersecurity frameworks came from employee awareness and training

PROTECT

Today’s threat landscape is evolving rapidly: for example, remote working may dictate an increased reliance on employee diligence, together with some acceptance of temporary IT solutions that are installed without assessing vulnerabilities. A cybersecurity risk assessment is key to protecting your business, employees and technical infrastructure.

ADAPT

Cybersecurity policies, processes and procedures must adapt to new working practices. Consider how your threat profile has changed, whether the incident response plan is compatible with remote working, and how far third-party suppliers comply with cybersecurity policies.

COMPETE

Given the inevitability of cybersecurity incidents, the entire workforce should be recruited to build cyber resilience. Increasing the maturity of the cybersecurity approach in this way will create competitive advantage by positioning the business to seize new opportunities and grow securely.