Cyberattack resilience requires way more than just protective and defensive security tools and training. Resilience is about being able to recover rapidly and thus must include BCM (Business Continuity Management) activities. It is time to redefine the role of CISOs. I made this point in yesterday’s webinar on cybersecurity budgeting. If you missed it, you can watch the webcast here.

Prevention is key in limiting cyberattacks. A Chief Information Security Officer is responsible for prevention. Best practices of employees are responsible for prevention. From the top down the conversation surrounding cybersecurity has always been how to prevent an attack. But yet, despite the prevention, cyberattacks occur more frequently than ever before – and with more severe intensity.

Attacks will not only continue; they are continually evolving to exploit new vectors with new tools. Don’t assume that no one will attack you – they are attacking permanently. So, is prevention enough?

What are the crown jewels? What would happen to your business if they were attacked? How would you get them up and running again? And how do you prepare your C level for crisis communication?

A far more realistic ambition is to be able to react so that business can go back to usual as quickly as possible. Detect, respond, recover, and improve. How can a business react to an attack while still planning for its future? By not segregating preventative action and BCM. Do not fall prey to the blame game, allowing the BCM team to blame the CISO for a failed prevention. A fusion of creative expertise will mitigate an attack and streamline the recovery.

My suggestion for every CISO, CIO, SOC and CDC: Extend the scope of what you’re doing. It’s more than just traditional cybersecurity. Business continuity is part of the picture. Even more so, BCM is key to cybersecurity. Take a step back and reflect about your cybersecurity portfolio. You can’t manage a portfolio that is too complex.

This will definitely be a hot topic at our cybersecurity events in Washington, D.C. and Berlin. If you want to take your cybersecurity portfolio under scrutiny, you should check out our Portfolio Compass service which is explained in our Advisory Services flyer. We have a lot of current research on cybersecurity issues on our new content platform KC PLUS.

See also