Who is responsible for Cyber Resilience?

Felicity March

This article has been repurposed from my presentation on “Managing cyber disruptions confidently with a paradigm shift in cyber culture” at the Cyber Security & Data Protection Summit in November 2020. The company, the characters and roles featured in the following videos are fictional.

Cyber resilience is the ability of an organisation to maintain its core purpose and integrity during and after a cyber-attack. Cyber resilience needs an end-to-end approach that brings together critical areas to ensure organisations continue to function during cyber-attacks and cyber outages.

Some of the cyber-attacks we saw in 2017, NotPetya and WannaCry in particular, caused widespread and devastating outages. NotPetya cost the globe $10bn while WannaCry cost somewhere between $4bn and $8bn. This is not just the fact that companies were taken down; one company specifically, had 45,000 PCs and 4,000 servers deleted in seven minutes, two minutes later their phone system went down and their security gates in every single one of their buildings across the globe was shut.

You simply cannot react to that fast enough. Companies really struggle to survive attacks like this, so we need to make sure businesses can continue to function in the face of cyber-attacks.

What are the immediate reactions when a cyber attack hits a business?


In the Ponemon Institute's Cost of Data Breach Study on operational risk in 2019, several business owners were asked to respond to the question: “Who has the overall responsibility for directing an organisation’s efforts to ensure a high level of cyber resilience?”

Below are the results:

23% Chief Information Officer
22% BU Leader
14% Chief Information Security Officer
11% No one person
9%   Business Continuity Manager
7%   Chief Risk Officer
7%   Chief Executive Officer
6%   Chief Technology Officer

Cybergeddon: The Inquest

Watch as each of the functions respond to questions around who is ultimately responsible for ensuring the organisations resilience to cyber attacks.

Lucinda Porter - CEO, SMart
Gemma Jones - Former CIO, SMart
Carl Hooper - CISO, SMart
Jay Varma - Disaster Recovery Manager, SMart
Laura Croft - CMO, SMart
Uche Afumba - CRO, SMart


The approach and solution are not isolated to one area; cyber resilience should be holistic, and only by looking at the bigger picture and zooming in on each detail, can you fully understand how a business needs to operate.

What happened to SMart could quite easily happen to any other organisation. Operational and organisational resilience is everyone’s responsibility, and it should be treated as such. To help organisations such as yours build cyber resilience capability, IBM has developed incident recovery software and services, demonstrated below:

Find out more from this demo