The BCI has published a new report looking at the subject of cyber resilience. One of the headline findings of the survey-based report is that high levels of senior management commitment to cyber resilience has a clear impact on the success of cyber resilience strategies.
According to the report, 50 percent of organizations with a ‘zero’ or ‘low’ level of management commitment to cyber security reported more than five successful attacks on their organization in the past year compared to just 19.7 percent of organizations with a ‘high’ level of management commitment. This further has a direct impact on costs incurred as a result of cyber crime: 50 percent of organizations who defined their commitment as ‘high’ incurred zero costs as a result of cyber attacks in the past year whilst less than a third (32.6 percent) of organizations with a ‘medium’ to ‘zero’ level of commitment recorded zero costs.
Nearly three-quarters of organizations experienced at least one successful cyber attack in the past year. This figure is comparable to that published in the previous BCI Cyber Resilience Report in 2017, however with better systems in place, more staff dedicated to cyber resilience, and more extensive training and exercising programmes rolled out across organizations, businesses reported being better placed to thwart attacks before they entered their systems.
Another key finding from the report survey is that ‘strategic integration of cyber risk rather than a focus on systemic risk is becoming the new focus’. Traditionally, many cyber strategies have focused on systemic risks, but the research for this report shows that successful strategies are becoming more strategic and integrated into the organization, whilst organizations are also becoming more risk aware and are focusing on cyber issues that have the potential to disrupt customers and other stakeholders.