,
08/16/2021 · 3 minute read
A security-centric organization focuses on prevention — deploying firewalls, limiting access, and training employees, among other cybersecurity processes and controls. A cyber-resilient organization anticipates the possible failure of those security measures and knows how it will act.
True cyber resilience is achieved when an organization has the capacity to not only anticipate and prevent attacks, but also to respond and recover from one. A cyber-resilient organization can minimize losses from a cyberattack and quickly resume operations.
In today’s cyber environment, organizations must be prepared to battle through adversity and restore operations quickly. The case for cyber resilience has never been stronger. Organizations should take these four steps to help build cyber resilience into their operations and embed it within their culture.
While most organizations rank cyber as an important or highly important risk, less than one-third of organizations use scenario-based financial metrics to model cyber risk. And more than a quarter of organizations do not model cyber risk at all.
To learn how leading global organizations perceive risk and define resilience, as well as the actions they are taking to increase their resilience, read Marsh's Risk Resilience Report.