Key Findings for CISOs, IT security and risk management leaders
- Digital business initiatives are expanding the organizational footprint to new ways of doing business, exposing the organization to more opportunities but also to new and additional risks.
- The characteristics of a resilient organization are impossible to implement in a business environment focused on short-term benefits only. CISOs must make investments gradually, people and infrastructure redundancy across all phases of the organizational resilience life cycle for the organization to rebound and prosper after a business disruption.
- Organizational resilience requires a deliberate effort from CISOs to design resilience characteristics into five organizational layers: leadership, culture, people, processes and infrastructure, in order to maintain its adaptive capacity to execute upon under stress.
- Resilience is a term that's often abused in the marketing or branding of the value and benefits of existing processes, tools and programs.