Last week we talked about the findings of a new report from Accenture Strategy identifying gaps in companies’ efforts to achieve and maintain resilience in the face of cyber risks.
According to the report, successful enterprises recognize that responsibility for resilience and agility does not just fall to the CIO, chief information security officer (CISO) or chief risk officer. On average, the research found that companies have two executives in the C-suite who are responsible for continuously monitoring and improving their business resilience. Nineteen percent of the represented companies had a “dedicated resilience officer.”
To make themselves more resilient, agile and fault-tolerant, the report suggests that companies:
- Create a digital ecosystem that enables them to team with other enterprises, augment their digital capabilities and access innovative technologies that reside outside the enterprise to strengthen their organization’s security posture and effectiveness;
- Manage digitally to deliver multi-speed business and IT capabilities in real-time by simplifying the IT architecture and addressing the business’s evolving digital requirements in a dynamic environment; and
- Institutionalize resilience by making it part of the operating model, ingrained from the outset into objectives, strategies, processes, technologies and organizational culture including fostering open communication with boards on governance practices and enterprise risk management.
As the report points out, managing risk is a necessary core competency for any organization looking to take advantage of opportunities for innovation, growth and greater customer connection in the digital realm. Cyber insurance is an important part of any risk management strategy, but companies should be taking a comprehensive look at all of their vulnerabilities, including their ability to respond quickly to adverse events.
- Read, Resilience a Key Part of Cyber Risk Strategy—Part 1
- Read the Accenture report, Business resilience in the face of cyber risk