The rules of engagement for cybersecurity are constantly evolving. Cybercriminals and governments are using new technologies, including AI, to exploit new attack opportunities while continuing to use old, trusted solutions.

While prevention remains a top priority, executives recognize that cyberattacks will succeed despite the best defenses. Rapid detection, response and recovery are more important than ever to help minimize damage and restore effectively to increase resilience.

In its document ‘Cyber ​​Resilience and Maintaining Resilience’, KPMG reminds us that cyber resilience is essential to maintaining the operational capabilities of businesses, maintaining customer trust and mitigating the impact of future attacks.

A double-edged sword

Regulators around the world are also increasingly focusing on cyber resilience, requiring organizations to be more transparent about their ability to respond to breaches before, during and after an incident.

In its e-book, KPMG shares lessons learned to help organizations confidently and proactively face cyber threats, recover from a cyber incident and become stronger.

Right from the start, the company points out that the new technologies are interesting for companies, but also for cybercriminals: “82% of executives agreed that generative AI is a double-edged sword that will help detect cyberattacks but also provide new attack strategies for cybercriminals.”.

Based on the same study (KPMG 2023 CEO Outlook), KPMG highlights that 74% of CEOs have identified cybercrime and cybersecurity as factors affecting well-being.

According to KPMG’s Global Tech 2023 report, 71% of companies say they need to become more proactive in integrating trust, security, privacy and resilience into technology implementation.

KPMG publishes five key tips for building resilience:

1. Define your criticality

Senior managers run the risk of underestimating the scale of the breach’s impact by treating it as just a security issue. Early discussions with the management team can help convey the seriousness of the situation, explain what might happen in the coming days, and provide a realistic picture of potential delays and uncertainties.

2 – Focus on what matters

In the tense atmosphere that follows a breach, it’s natural to want to resolve things quickly. Instead, managers should identify which processes and systems are most critical to recovery and allow those processes and systems to thrive. Its “crown jewels” should be given the highest priority.

3. Be clear about who does what

In complex and high-stress environments, some senior managers may find it difficult to hand over responsibility and feel like they have to steer the ship.

CEOs are used to making the call, but in these situations, they need to empower the CISO to act as a team leader.

4 – Communicate – Timely – Clearly and Consistently

First, decide whether you need to disclose the incident and, if so, how much information you want to provide.

Be aware of regulatory or contractual requirements for reporting violations. These responsibilities are more or less strict, but they give the organization maximum time to discover what happened and the impact on critical operations.

5 – Take time to think even in the worst moments

You may feel like your world will fall apart if you don’t take immediate action. But you’ll likely make better decisions by taking a deep breath and waiting until things become clearer.