Cyber Leaders Need a More Effective Approach to Building Resilience

Cyber leaders are facing mounting pressure to build and prove cyber resilience – the acumen to respond effectively to cyber threats across the workforce. Yet, according to a Forrester Consulting Opportunity Snapshot commissioned by Immersive Labs, cybersecurity teams are currently ill-equipped to protect their companies or even diffuse the impact of cyber incidents. They are concerned about a lack of cyber workforce capabilities, judgement, and resources to respond effectively.

DOWNLOAD NOW

To alleviate a lack of inhouse cyber skills and staffing shortages, firms must upskill teams and reevaluate hiring practices to recruit and test for high-potential hires. They must invest in a culture that leverages effective people-centric approaches to building organization-wide cyber capabilities, such as live simulations to bolster their cybersecurity teams’ preparedness and, in turn, their organization’s cyber resilience.

Key Findings

  • 84% of cyber leaders feel increasing pressure to be prepared for the next cyber attack
  • More than 80% agree they could have mitigated some to all of the damage of their most significant cyber incident in the last year if they were more cyber resilient
  • Cybersecurity professionals may have an overconfidence problem amid conflicting assessments of preparedness for attacks
  • Lack of security talent with the right skills is the main obstacle to cyber resilience, but firms overlook hires with high potential 
  • Firms should increase investment in continuous upskilling through exercises and training, such as live simulations and upskilling platforms, to bridge capability gaps

The main obstacle to cyber resilience is insufficient security expertise.

  • Training certifications and tabletop exercises are not preparing teams to be cyber resilient
  • 72% of respondents agree the threat landscape is becoming more challenging
  • 65% agree their organization’s board is putting more pressure on the cybersecurity teams to prove cyber resilience then they did a year ago

A commissioned study conducted by Forrester Consulting, March 2023