“The ability to prevent an attack, withstand an attack as it’s going on and recover from an attack after it’s happened is not something that can be done by one group or one technology in one area of the business,” explains Lueck.
“Attacks are becoming more common and if we’re all going to experience this in some form, resilience can be the competitive advantage to get your business going quicker, with more profit or just to keep your business going at all,” says Leuck.
This calls for a different approach to that traditionally taken by IT teams; one where organisations look to become truly resilient, able to protect themselves against the risk of cyber-attacks as much as possible but also to recover should one occur.
This means taking a step back to ensure the business architecture is set up to prevent interruptions and can protect itself against threats, with an IT infrastructure that is designed to reduce risk, and where there’s a strong focus – led by IT – on building teams and cultures that are resilient in nature.
Rather than merely tackling technical issues and reacting to events that happen, organisations need to implement a “resilient by design” approach, says Lueck.
