For my very first interview for the Security Stories podcast, I met a wonderful person called Mick Jenkins, MBE. Mick is sadly no longer with us, but his story will stay with me forever. One of Mick’s philosophies was centred around the importance of cyber resilience. “Improvise, adapt, overcome” are the words he used.
This philosophy helped him when he got lost in the wilderness at age 14. It helped him when he became a bomb disposal expert in the military. It helped him when he took on the CISO role at Brunel University London, at a time when cybersecurity wasn’t embedded into the organization’s culture. Mick was instrumental in leading the organization to proactively defend against targeted attacks on the university’s intellectual property.
Improvise. Adapt. Overcome. I’ve been thinking about those words a lot lately, and what they mean (for me, at least).
Improvise. When I’m going through a tough time, I think about how I can change the story. Make it about something else. Helping others with their ideas. Saying yes to new opportunities. (I’m an improviser by trade too, so it’s always, “Yes, and…”)
Adapt. Finding stillness in chaos and opportunities in the most unlikely of circumstances.
Overcome. Becoming focused. Getting through it, with the support of those around me.
What has become clear, now more than ever, is that our vulnerability and resilience go hand-in-hand. It’s not one or the other. Having both side-by-side is what makes us human.
In these moments, we can feel stronger. We can see chances for change that never rose to the surface before.
I recently spoke with 13 industry leaders to get their perspectives on the concept of security resilience, and which practices have the greatest impact on an organization’s ability to adapt to change. How can we structure security, so we can spot opportunities we’ve never seen before?
We featured their stories and advice in a new interactive eBook, called Building Security Resilience: Advice and Stories from Cybersecurity Leaders, that we released today.
A few key themes emerged from our contributors:
- You can’t have a resilient security posture without making people your top priority. Making sure they have everything they need for their role, and not overburdening them.
- Use threat intelligence and maintain strong visibility of your assets, so you can prioritize dealing with incidents and vulnerabilities that are the greatest risk to your organization.
- Communication is everything. Staying close to the needs of the business and the overall future direction will mean that you’re in a better position to build security resilience that can adapt to change.
- There are new opportunities to be had, and new ideas can appear even in the toughest of times. As one of our contributors, Christos Sarris from Sainsbury’s said, “Nonstop business transformation at the time of a crisis is a key strategy for building enterprise resilience.”
Do take a look at our new eBook for inspiration on how to build security resilience.
I’ve also invited contributors from the eBook to join me for a #CiscoChat live discussion that we’re hosting: Detect, Respond, Recover: Moving Toward Security Resilience. We kick things off at 1pm ET/10am PT and hope to see you there.
I’ll leave the last word to another of our contributors, Christos Syngelakis, CISO and Data Privacy Officer at Motor Oil Group, who will be joining us for the #CiscoChat:
“I want to end by acknowledging that one of the biggest challenges for CISOs is burnout. In an always-on environment where there is always something new to learn, as well as a tremendous expansion of technology and requests for new projects, the challenge of finding balance is one of the top issues. Invest in your people and prioritize their mental health.”
Find this blog helpful? View our other blogs on security resilience:
- Enabling Security Resilience in the Face of Unpredictable Change
- 5 Dimensions of security resilience
- Continuity and recover on the path to resiliency
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels