Resilience is King

10 June 2025

Have you checked your Cyber security resilience capabilities?

If your organisation suffered a cyber-attack how quick could it recover? Has your organisation set a targeted time for recovery? 



When it comes to cybersecurity ‘Resilience is King’ - having a cyber security strategy supported by plans, targets and tools which provide your organisation with the right resilience capabilities e.g. 


  • The resilience to prevent an attack. 
  • The resilience to manage your organisation in the midst of an attack. 
  • The resilience to recover. 
  • The resilience to remain in business i.e. be sustainable. 


Cyber security strategy, plans, targets, and tools?  


When resilience is woven into your strategy and planning processes then cyber security truly does become part of the DNA of your organisation - think cyber security with all major plans. 

Adopting a ‘secure by design’ approach also pays dividends as it becomes part of your normal service/product development, processes, protocols, and behaviours adopted, creating resilience as your organisation evolves. 


Budgeting for cybersecurity operations and tools to assist the smooth running of your organisation is expected but not all organisations have budget set aside for any ‘unexpected’ cyber security issues. Having a cybersecurity business continuity budget as a contingency is good practice. 


We have seen in recent times how organisations small to large have been caught unawares from a cyber-attack and without effective recovery plans and budgets. The cost of recovery from a cyber-attack can be colossal. Often organisations who experience a cyber-attack admit they ‘thought’ they had a good business continuity plan until a cyber-attack happens however, they did not foresee the true operational impact or indeed the costs involved to recover. 

Setting the right measures and targets for monitoring your progress and cybersecurity performance should cover all aspects of your cybersecurity processes and policies. 


Having the right cybersecurity digital capabilities in place is important with platform, systems, and people trained who know how to maximise their usage; working in unison they help you to be more resilient to a cyber-attack. 


Do you have visibility of, or trust in, your organisation’s cyber strategy, plans, targets, and tools?


Resilience Capabilities

 

Being resilient to a cyber-attack is not just about preventing your organisation from attack, cyber resilience capabilities cover a number of aspects: 

  • Prevention 
  • Management 
  • Recovery 
  • Sustainability 


Prevention 

Scanning your organisation 24x7x365 for cyber threats across your entire potential attack surface e.g. networks, systems, perimeter, end point and application security enables your organisation to detect and prevent potential threats. Good cybersecurity partners with the latest digital cyber security tools also have the capability of using honeypot traps and the dark web to surface issues before they arise from potential threat actors. 


Management 

The human element of cyber security such as the people you employ both internally and externally are a crucial capability when trained and skilled to manage and orchestrate your overall cybersecurity landscape. 


Having platforms and systems which you can rely upon 24x7x365 to enable for example authentication, encryption, malware protection, network security and continuous event and threat management; these are essential parts of your organisation’s operational armoury in managing the fight against cyber-crime.


Working in tandem with your digital capabilities including the use of AI, the human management and interpretation of information provides you with the best combination of threat detection, prevention, and management of your organisation’s cyber resilience. 


Recovery 

If your organisation has a cybersecurity attack you would like to think it is well prepared; however not all organisations review their disaster recovery or business continuity plans regularly enough to thoroughly review their cyber risk. Table top cyber exercises, penetration testing and overall business continuity plans, help together with robust platforms and systems.


Every second counts if your organisation is attacked, so ensuring you have the right expert partners, tools and capabilities is key to enabling the recovery of your data and in responding appropriately to a ransomware attack. 


Your platform, systems need to have a robust storage, back-up and recovery system which leverages cloud computing and artificial intelligence technologies. This includes data integrity with immutability, air gapping and the ability to recover data anywhere and move it freely in accordance with your organisation’s plans. 

Does your organisation have recovery time objectives? That is the amount of time an application, system or process can be down before the organisation is significantly harmed/damaged. Measuring, monitoring, and controlling your recovery with the right system partners enables your team to mitigate the risks more confidently. 


Sustainability 

The acid test of resilience is sustainability i.e. can your organisation function fully and survive if you have a cyber-attack? 


A cyber-attack can be costly not only in the recovery of data and getting your operations up and running, but it can also be heavily brand affecting, haemorrhaging customers if they lose confidence and trust in your business. 


In 2025, the average cost of a data breach has gone up 10% to $4.8M with some sectors costing more e.g. healthcare averaging $9.7M per breach. The average recovery time it takes is 258 days [Source: Cyber Security News]. 

If your organisation is attacked it is key to contain the incident impact and hopefully then eradicate the cyber issues and recover. 


Learning from a cyber incident is often one of the most significant parts of incident response and is often ignored. The aim of the learning is to prevent this happening again and assess if for example you have the right cyber security support. For example, having partners and systems who you can trust in their capabilities and give you the confidence of recovery in case of a future of a cyberattack. 


Unfortunately, there are organisations where a cyberattack does irreversible damage to their business-critical operations and renders their business no longer sustainable. 

 


In Summary  

Having a good combination of a strong cyber team who can use good cyber security digital systems and tools lays the groundwork for your business to be cyber resilient. 


Of course, staying alive to the latest cyber threats and technology developments is necessary. How you then approach your level of investment and resourcing to size and scale your cyber resilience capabilities appropriately for your organisation can be more difficult. That is where we come in – at the Human Digital collaborative. We can collaborate with your organisation to understand and enhance where required your cyber resilience capabilities.




At the Human Digital Collaborative, we want you to be cyber-secure. 


We can offer through our Business Consultancy, cyber experts who can understand your needs and see where we can help in your cyber journey. Do reach out to us – the Human Digital Collaborative.com 



Who can see into your organisation?

7 February 2025
Beware the eyes of cyber - do you know who's looking?

Types and Forces of Change

10 January 2025
Figuring out your key forces and types of Change 

Seeing the 'C's' of Change

14 November 2024
Seeing & controlling the ‘C’s’ of Change

Transformation Twists and Turns?

26 September 2024
Transformation twists and turns? For anyone who has undertaken a transformation programme particularly a significant, complex, multi-faceted transformation you will know that there are many twists and turns to ensuring success, particularly if the journey is taken over a number of years. Key to good transformation planning is making sure you have the support of your stakeholders, the right people in place, and the right resources to make it happen whether that be for example budget or systems, they all need to work in harmony to keep the transformation alive and help pave your way to success. Holding regular reviews is also important i.e. looking back and looking forward, looking inward, as well as outward to make sure you are still on the right path, and you keep pace with the times. A good illustration of why transformation is important is by looking at a case of a well-known company who enjoyed many years of success, but then failed to transform quick enough with challenging consequences: Kodak. Eastman Kodak (commonly know as Kodak) was incorporated as a business in 1832, and it grew to be one of the leading manufacturers of film and cameras in the world. However, it failed to recognise the significant threat of other competitors particularly in its market’s-movement to digital. This is despite one of its own employees in 1975 developing the world’s first hand-held digital camera, and another employee four years later predicting that a shift to digital photography was inevitable. Kodak executives seemingly ignored the warning signs, the advice given, and sadly it started its transformation journey too late, as over a century later since it began, this once successful company had to file in 2012 for Chapter 11 bankruptcy protection [1] in the United States. A massive decline for a brand and a business who at one time seemed untouchable in its market. A huge price to pay for taking time to transform. The story for Kodak however, is not all bleak, as Kodak can be applauded for its tenacity to stay in business. By 2016 it once again started to generate a profit by transforming and restructuring its business. There are many other business illustrations of failing to transform that I could cite, however Kodak is a memorable example of a business whose longevity unfortunately did not give it licence to move to transform at a slower pace. A number of key questions arise from this case study and perhaps take stock of your own organisation’s transformation journey: Would Kodak be more of a dominant brand for consumers nowadays if it had transformed its business earlier? If it had shifted its consumer film products and services earlier to digital? (it still has a film business with movies). Or if it had looked inward, recognising talent, and listening to employees in its own organisation? Or if it had looked outward and reacted faster to the competitor threats from Fujifilm or indeed the smartphone and device manufacturers? How the picture (pardon the pun!) may have been different today if such a dominant company with a very strong brand, had fine-tuned the twists and turns of transformation to its advantage? Transformation timing? We hear often from businesses – now is not a good time to transform, or we tried that, and it didn’t work, or those types of change (e.g. front or back- office administration process automation) works in that business sector but wouldn’t work in ours? Ask yourself are these just excuses for not taking bold steps to transform or are there genuine reasons for standing still in your organisation? The key question is can you really afford for your organisation to stand still? As a former CEO we know always said after implementing a successful transformation, ‘there’s more to do.’ In other words, his success was not going to be pinned to the mast of completing the last journey to improvement, but rather looking across the organisation to see how things could be improved further for its customers, its staff and its stakeholders.

The Impending Cyber Pandemic in Health and Social Care: Are We Prepared?

30 July 2024
Navigating the Cyber Pandemic in Healthcare

How real is Artificial Intelligence for you?

20 June 2024
Can you see, feel, hear the difference Artificial Intelligence (AI) is making in your organisation? Does it feel real i.e. is it making a difference? There’s been much hype around AI and what it means. Every day something new seems to be happening as the pace picks up around the technology and the subtleties that go along with Artificial Intelligence. So how real is Artificial Intelligence for you and for your organisation? Firstly, to understand where you and your organisation are in the adoption of AI, let’s get to basics - what is AI?  There are many variants of definitions out there, for us at the Human Digital Collaborative, Artificial Intelligence put simply is about computers and digital devices answering an ask or solving a problem you may have by drawing their answer from a large data source. In essence, the artificial intelligence looks up menus in its library to determine quick answers for you. There are other variants of AI e.g. such as Artificial General intelligence (more human-like, sentient) which with the advent of applications Chat GPT and Claude. AI is now multi-modal i.e. text, pictures, audio, video and code can be generated from multiple inputs. This broadens the use and capabilities of AI.

Welcome to the Human Digital Collaborative

20 June 2024
Welcome to the Human Digital Collaborative