The complex and ever-changing nature of cyber risk requires a continued evolution in how organisations approach resilience. No longer is access constrained to the four walls of an organisation. Any connected entity can serve as a point of entry, including third-party vendors who act as a “back door” to larger enterprise networks. Responding effectively to cyber risk requires proactive and holistic management.
The cyber risk landscape is dynamic and fluid, leaving organisations with stagnant policies and procedures vulnerable to attack. Just as threats increase in sophistication and malicious actors learn to bypass protections, organisations must continually assess and modify their cyber resilience methodology to keep pace. Our research shows that at least one in four G20 organisations have experienced a cyber-attack, where assets were stolen or compromised, in the last 12 months, emphasising the need for improved security.
Beyond creating a “culture of security,” organisations must proactively assess their digital ecosystem to determine additional vulnerabilities. Building a resilient organisation also requires proactive coordination from multiple departments, including senior leadership, instead of leaving cybersecurity to the IT department to handle independently. While there is increased recognition by senior leaders that cybersecurity is a business-critical risk, there is room for improvement in this area, and resilience is unachievable without their input and buy-in.
For further information on how FTI Consulting can help your organisation to improve its resilience to critical events, please contact one of our experts here.