In a world where cyberattacks are increasingly common, it’s no wonder cybersecurity leaders are losing sleep, largely because protecting against every cyberattack these days is an impossible task. Eventually the worst will happen. Establishing a strategy for operational resilience is a must.
If every organization will suffer an attack sooner or later, ensuring your incident response plan is up to scratch is a no-brainer. But with attacks becoming more complex, current incident response strategies need to evolve with the times if they are going to promise operational resilience.
At our recent Security Insights Summits, we were joined by industry experts who shared their approach to building operational resilience in our rapidly changing world.
A changing landscape
While business continuity and disaster recovery will always be important, security leaders need to expand their understanding of what it means to be resilient.
Third-party risks, physical security, crisis communications – these should all be part of any modern resilience strategy.
How security leaders understand third-party risk is also due for a rethink. It’s no longer enough to treat third-party data as out of your control. All data, regardless of whether it is within the network or kept by third parties, is the business’s responsibility to secure.
“Third party risk is being redefined. We are returning to the approach of a single infrastructure. One infrastructure. One strategy. One methodology. One architecture.”
– Michael Woodson, former Information Security & Privacy Director at Sonesta Hotels
Where risk assessment and operations have been separated in the past, today they need to be brought together. Security teams should no longer be the sole stewards of operational resilience. Everybody has a part to play.
Building your response plan for resilience
Flexibility
It was Mike Tyson who said it best – “Everyone has a plan until they get punched in the face.”
In the spirit of Iron Mike, security leaders need to ensure their plans are flexible enough to roll with the punches.
Staying locked in on an incident response strategy, regardless of the situation, will allow more flexible attackers to run rings around defenses. Keeping incident response plans in line with operational reality, based on the data available, is critical to responding to modern attacks.
AI
With a massive and diverse information landscape, extracting actionable data is becoming increasingly untenable for your human staff. Humans don’t scale. That’s where AI can help.
Cyber incidents have a lifecycle, with security teams slowly piecing together the events as they gather more data. The more you understand, the easier it is to adapt your strategy. Having that data early can make all the difference. Understanding what happened will also impact your Recovery Point Objectives and Recovery Time Objectives (RPOs and RTOs).
But AI isn’t the be-all and end-all. You can use AI to capture actionable data, but decision making should remain with the team.
“There’s too much data for humans to sift through, even with a huge team of analysts, so using AI there makes sense. But when it comes to full decision making, it has to revert to human intuition.”
– Eric Sanchez, Global CISO at Orrick, Herrington & Sutcliffe LLP
Culture
If a security incident is going to impact the entire business, any good response plan needs to include the entire business.
Speak with stakeholders, work with frontline operators, be transparent, and clearly communicate the importance of security and their role in it.
By running role-based training exercises and tabletops that include wider business stakeholders, not only can security teams get a clearer understanding of their incident response strategy, but the wider business can see where they fit in as well.
It’s also worth remembering that if you want to foster a positive culture of security awareness, offer encouragement when people succeed, not criticism when they fail.
Operational Resilience in 2025
Resilience is a conversation that is constantly evolving. Discussions around what resilience means to organizations, how success can be measured, and best practices for ensuring operational resilience will continue to help security leaders shape their strategies for the future.
To continue the conversation on resilience, make sure you check out our upcoming Security Insight Summits.