Written by

Bernard Marr

Bernard Marr is a world-renowned futurist, influencer and thought leader in the fields of business and technology, with a passion for using technology for the good of humanity. He is a best-selling author of over 20 books, writes a regular column for Forbes and advises and coaches many of the world’s best-known organisations. He has a combined following of 4 million people across his social media channels and newsletters and was ranked by LinkedIn as one of the top 5 business influencers in the world.

Bernard’s latest books are ‘Future Skills’, ‘The Future Internet’, ‘Business Trends in Practice’ and ‘Generative AI in Practice’.

Generative AI Book Launch
View My Latest Books

Follow Me

Bernard Marr ist ein weltbekannter Futurist, Influencer und Vordenker in den Bereichen Wirtschaft und Technologie mit einer Leidenschaft für den Einsatz von Technologie zum Wohle der Menschheit. Er ist Bestsellerautor von 20 Büchern, schreibt eine regelmäßige Kolumne für Forbes und berät und coacht viele der weltweit bekanntesten Organisationen. Er hat über 2 Millionen Social-Media-Follower, 1 Million Newsletter-Abonnenten und wurde von LinkedIn als einer der Top-5-Business-Influencer der Welt und von Xing als Top Mind 2021 ausgezeichnet.

Bernards neueste Bücher sind ‘Künstliche Intelligenz im Unternehmen: Innovative Anwendungen in 50 Erfolgreichen Unternehmen’

View Latest Book

Follow Me

The Important Difference Between Cybersecurity And Cyber Resilience (And Why You Need Both)

2 July 2021

Cyber threats like hacking, phishing, ransomware, and distributed denial-of-service (DDoS) attacks have the potential to cause enormous problems for organizations. Not only can companies suffer serious service disruption and reputational damage, but the loss of personal data can also result in huge fines from regulators.

Take British Airways as an example. In 2019, the airline was fined more than £183m by the UK’s Information Commissioner’s Office (ICO) after customer data was compromised in a cyber-attack. Customer details, including name, address, logins, and payment card, were harvested by hackers – affecting half a million customers in total. The fine, which amounts to around 1.5% of British Airways’ global 2018 turnover, was the first proposed by the ICO under the new General Data Protection Regulation (GDPR).

Cyberattacks like this are hitting the headlines with increasing frequency. But while a company the size of British Airways can, in theory, swallow such a huge fine and cope with the aftermath, for other businesses, the effects of a cyber-attack can be permanent and devastating. This is why all companies need to invest in cybersecurity and cyber resilience.

What’s the difference between the two?

In a nutshell, cybersecurity describes a company’s ability to protect against and avoid the increasing threat from cybercrime. Meanwhile, cyber resilience refers to a company’s ability to mitigate damage (damage to systems, processes, and reputation), and carry on once systems or data have been compromised. Cyber resilience covers adversarial threats (such as hackers and other malicious actors), as well as non-adversarial threats (for example, simple human error).

One way of thinking about the difference is that cyber resilience involves accepting the fact that no cybersecurity solution is perfect or capable of protecting against every possible form of cyber threat. This is why every company needs both aspects. The cybersecurity strategy is designed to minimize the risk of attacks getting through. But when they inevitably do, the cyber resilience strategy is there to minimize the impact.

What does all this mean in practice?

Practical cybersecurity steps are perhaps more immediately obvious than those for cyber resilience. At the very least, cybersecurity involves ensuring:

  • All your devices are running the most up-to-date firmware
  • That firewalls, VPNs, and antivirus/malware protection is running and up-to-date
  • That all software and tools are fixed with the latest patches
  • That employees at all levels of the business are educated on the potential threats and how their actions help to defend the organization

Cyber resilience steps will vary from business to business, but a good starting point is to work out where cyber events and incidents could have the most damaging effects on the business. Drawing up a list of where your operations are reliant on technology, as well as where sensitive and valuable data is stored and used, will help you to gain an overall understanding of how continuity of service could be affected. This is where the concept of a “digital twin” can play an important role in cyber resilience. A digital, simulated model of your organization or its processes can help you understand the impact on overall output and efficiency.

Having gained an understanding of how core functions could be affected, cyber resilience involves putting in place measures to mitigate the damage as best as possible in the event of an attack. For example, you might develop offline emergency processes to keep essential functions such as customer service, quality assurance, finance, and security running as well as possible until the breach can be fixed.

In addition, you’ll need a solid cyber incident response plan to clarify:

  • What needs to be done in the event of a failure or breach
  • Who is responsible for taking those steps
  • How to communicate the incident to stakeholders (customer services will have a core role to play here)
  • How failures should be reported to regulators (which may be a regulatory requirement in your jurisdiction)
  • How to assess and report the impact of resilience measures
  • How to get back to normal operations as quickly as possible
  • How to recover data, if data has been lost or accidentally erased (cyber resilience promotes the idea that it’s impossible to certify that any piece of data is totally “safe,” even if the data is backed up, and therefore steps should be in place to recover it when it is lost)

To help put this plan into action in the event of an incident, many organizations find it helps to create a response team, with representatives from every business department who are responsible for declaring a “state of emergency” and coordinating first responses.

Technology brings incredible new opportunities and business advantages, but it also brings unprecedented new threats. Cybersecurity and resilience both require an investment in time, resources, and education, but that investment will be repaid many times over once you’ve withstood your first cyber-attack.

Cybersecurity and resilience are included in the 25 technology trends that I believe will transform our society. Read more about these key trends – including plenty of real-world examples – in my new book, Tech Trends in Practice: The 25 Technologies That Are Driving The 4th Industrial Revolution.


Business Trends In Practice | Bernard Marr
Business Trends In Practice | Bernard Marr

Related Articles

The 5 Biggest Technology Trends For 2025 Everyone Must Be Ready For Now

Unbelievable as it seems, we’re rapidly approaching 2025. This means it’s time for me to once again pick the trends that I believe will be most important over the coming year.[...]

The Amazing Ways Amazon Is Using AI Robots

Amazon, the e-commerce giant, has long been at the forefront of technological innovation.[...]

The Geopolitics Of AI

Artificial intelligence (AI) is likely to be one of the most transformative technologies of the century.[...]

How AI Is Used In War Today

From autonomous drones to facial recognition algorithms designed to recognize perpetrators of war crimes, the conflict in Ukraine has become a testing ground for the use of artificial intelligence in warfare.[...]

Will AI Solve The World’s Inequality Problem – Or Make It Worse?

We are standing on the cusp of a new technological revolution. AI is increasingly permeating every aspect of our lives, with intelligent machines transforming the way we live and work.[...]

How You Become Irreplaceable In The Age Of AI

In a world where artificial intelligence is rapidly advancing, many of us are left wondering: Will AI take our jobs?[...]

Sign up to Stay in Touch!

Bernard Marr is a world-renowned futurist, influencer and thought leader in the fields of business and technology, with a passion for using technology for the good of humanity.

He is a best-selling author of over 20 books, writes a regular column for Forbes and advises and coaches many of the world’s best-known organisations.

He has a combined following of 4 million people across his social media channels and newsletters and was ranked by LinkedIn as one of the top 5 business influencers in the world.

Bernard’s latest book is ‘Generative AI in Practice’.

Sign Up Today

Social Media

0
Followers
0
Followers
0
Followers
0
Subscribers
0
Followers
0
Subscribers
0
Yearly Views
0
Readers

Podcasts

View Podcasts