Importance of Cyber Resilience for Businesses

The 2025 Honeywell Cyber Threat Report reveals a stark reality: the industrial sector is facing a cybersecurity reckoning. Cyberattacks on operational technology (OT) environments have intensified—ransomware surged 46% in six months, while attacks on water systems, transportation networks, and manufacturing plants have caused real-world disruptions. Threat actors are no longer simply infiltrating; they are interrupting critical services and endangering safety and continuity. One notable trend is the rise in USB-based malware and credential-stealing Trojans like Win32.Worm.Ramnit, which surged 3,000% in frequency. In parallel, over 1,800 distinct threats were detected through Honeywell’s Secure Media Exchange (SMX), with alarming infiltration routes observed across removable media, remote access exploits, and compromised credentials. What’s driving this escalation? • Legacy systems with limited security controls remain widely deployed. • Converged IT/OT environments increase the attack surface. • Regulatory pressure, such as the SEC’s cybersecurity disclosure rule, is raising the stakes for leadership teams. The implication is clear: defending the industrial enterprise requires more than traditional cybersecurity postures. It demands a shift toward cyber resilience—a proactive, integrated approach that embeds security into the DNA of operations. At a minimum, organizations must act on five imperatives: 1. Adopt Zero Trust principles—no device, user, or process should be implicitly trusted. 2. Implement strict segmentation between IT and OT networks. 3. Elevate threat visibility with continuous monitoring, detection, and response tools. 4. Enforce multi-factor authentication and access governance. 5. Ensure secure USB/media handling and endpoint control at every entry point. This is not a technology problem alone—it is an operational and leadership mandate. Every breach is now a business risk. Boards, CISOs, and plant leaders must align around a single objective: operational continuity through cyber integrity. Honeywell remains committed to advancing industrial cyber maturity through our ecosystem of threat detection, monitoring, and managed response capabilities. But securing the future will require collective effort—from regulators, vendors, operators, and industry consortia. As the report concludes, it’s not a matter of if your OT environment will be targeted. The question is—will you be ready?

Given the speed of digital transformation and innovation, the conversation is no longer just about cyber security. It’s about operational resilience. The conversation CEOs and the Board care about is how quickly the company can recover and continue normal business operations during a major crisis or incident. This is not a question of NIST, MITRE or ISO. Most don’t know about these frameworks and don’t care. Based on my current client initiatives, there are 5 ways the shift from security to resilience is shaping the future: 1. Deep Focus on Continuity, Not Just Breach Prevention: While traditional cyber security emphasized keeping threats out, resilience is about minimizing downtime and ensuring critical operations can continue, even during an attack. Many leaders are incorporating business impact analyses into their asset management and risk management programs. This ties an asset to specific processes and focuses conversations on impacted assets and makes risk quantification more accurate. 2. Cross-Department / Silo Collaboration: Resilience goes beyond the IT and Security teams. It involves HR, legal, operations, and more to ensure that every aspect of the business can respond and recover quickly from disruptions. The culture of the organization will be the biggest obstacle or enabler for response and recovery speed. 3. Regular Simulations and Chaos Drills: Resilient organizations don’t just react to incidents—they proactively prepare with simulations and chaos drills that test their ability to bounce back. If you don’t test alternative processes or minimum process downtime while doing tabletops - you’re doing it wrong. 4. Incident Recovery Speed is the New Benchmark: (Note - the goalpost is now recovery and not just response.) Post-incident recovery time is now as important as breach prevention. Companies that can swiftly restore operations after a breach, like we saw in the #CrowdStrike incident, will have a competitive edge. 5. Third-Party Risk and Supply Chain Resilience: With companies relying more heavily on third-party vendors, ensuring the resilience of the entire digital ecosystem has become a top priority. Transparency across the chain is leading to more monitoring and audits of data flows, integrations and risks for larger entities We are also seeing CISOs move into the CTO and CIO roles. Once a CISO has established the ability to recover quickly in the face of adversity, it’s often considered a critical trait for promotion. Resilience is not just a trait of great leaders, but of great organizations. As cyber threats continue to evolve, resilience will be the foundation that empowers businesses to thrive, no matter what comes their way. It's time we ask ourselves: Is your company prepared and ready to bounce back after a major disruption? #cyberresilience #security #digitaltransformation #CrowdStrike #cyberstrategy #RevolutionCyber

🚀 The Evolving Role of Tech Leaders: From Protectors of Technology to Guardians of Business Resiliency 🚀 Cybersecurity alone isn’t enough. Today’s tech leaders must protect the entire enterprise—from revenue and continuity to digital trust—to counter today’s rising risks. With AI, interconnected systems, and legacy tech in play, securing just the IT infrastructure won’t cut it. The stakes are high: $10.5 trillion in potential global cybercrime costs by 2025, and $400 billion in annual downtime losses for top companies. A lack of holistic protection leaves companies exposed to fines, reputational damage, and lost customer trust. Protecting the whole business isn’t just smart—it’s essential. Strategies for Building Business Resilience 🔍 Prioritize Critical Assets Not all assets are created equal. Focus on the 30% of assets that drive 70% of business impact. By securing the core, tech leaders can dramatically reduce risk across the enterprise. 🛠️ Shift Security Left Embed cybersecurity early in the development process to reduce risks down the line. Adopt “policy-as-code” practices to ensure security is a foundational part of every product or service, resulting in fewer vulnerabilities and a more resilient product lifecycle. 🔐 Build Digital Trust Digital trust goes beyond compliance. Be transparent with customers and address third-party risks proactively. Today, only 30% of companies follow best practices for cybersecurity and digital trust. Companies that prioritize this build both customer confidence and regulatory resilience. 🌐 Take an End-to-End View of Resilience Don’t just look at technology—analyze the entire business function. Partnering with other business units can help tech teams identify weak points across processes, people, and systems, rather than focusing solely on the technology stack. ⚙️ Address Technical Debt Tech debt is the “silent killer” of modernization. Right now, 20-40% of IT budgets go toward servicing tech debt instead of innovation. Proactively tackling this debt enables modernization without paying the hidden tax of past issues. 🧩 Test and Scenario Plan for Continuity Regularly simulate incidents with key stakeholders and vendors. This ensures that 50-60% of downtime, which is often due to process issues rather than technical failures, can be mitigated before it impacts the business. Planning isn’t just preventative—it’s protective. In a world of growing digital complexity, evolving from tech protector to business guardian is essential. Is your team ready to embrace resilience beyond cybersecurity? #CyberSecurity #BusinessResilience #DigitalTrust #EnterpriseTech #TechLeadership #AI #RiskManagement #DigitalTransformation

While not widely embraced, there's a growing call in the security field from organizations like Kyndryl to shift focus from #cybersecurity to #cyberresilience, with the proposed evolution of the CISO role into a "Cyber Resilience Officer." The rationale stems from the escalating digital landscape, IoT expansion, hybrid cloud usage, generative AI, and heightened interconnectivity leaving organizations more susceptible to cyber threats. #Cyberresiliency transcends traditional cybersecurity by assuming advanced adversaries can surpass conventional defenses. It encompasses non-kinetic threats such as supply chain disruptions, exemplified by incidents like CrowdStrike which highlighted the necessity for seamless collaboration across security, development, procurement, networking, and IT operations. To embark on the #cyberresilience journey: - **Shift Left**: Embed resiliency principles in secure software development and third-party risk management. - **Shift Right**: Ensure recovery capabilities support essential business functions. - **Strengthen the Middle**: Establish a robust operating environment with fundamental practices like asset management and automated vulnerability & patch management. - **Integrate Functions**: Unify security, business continuity, and disaster recovery under a single leader, ideally the CISO, leveraging their risk management and crisis response expertise. Join the conversation on redefining cyber resilience - let's drive a holistic approach to safeguard digitally-enabled services. #cybersecurity #businesscontinuity #disasterrecovery #CyberResilienceOfficer #kyndryl

The "set it and forget it" approach to cybersecurity is a ticking time bomb. Why? Because cybersecurity isn't a one-and-done deal.  It's an ongoing battle that requires constant vigilance and adaptability. Threat actors are often relentless, constantly sharpening their skills and finding new ways to infiltrate your defenses.  If you're not doing the same, you're leaving the front door open for them to enter and wreak havoc on your business. What can you do to stay ahead of the game?  1. Treat cybersecurity like a subscription, not a one-time purchase. Stay on top of software updates and patches like your life depends on it (because, let's be real, your business does). 2. Continuously educate your team on the latest threats and best practices. Cybersecurity isn't just an IT problem; it's an everyone problem. 3. Regularly review and update your security policies and procedures. The cybersecurity landscape is constantly shifting, and your strategies need to keep up. 4. Conduct regular risk assessments and penetration testing. Identify vulnerabilities before the bad guys do, and plug those holes faster than lightning. 5. Create a culture of cyber resilience. Encourage your team to be proactive, curious, and unafraid to question the status quo regarding security. Staying vigilant and proactive with cybersecurity can feel like a never-ending battle.  But complacency costs far more than the effort required to stay secure. 

Remember the friendly Internet neighborhood? It's gone. Today's digital world feels like a wasteland where companies fight to survive cyber attacks. Just "protecting" your stuff doesn't work anymore. You need cyber resilience, too. Here's what that means: 1. Detect threats fast ↳ Before ransomware spreads ↳ Before data gets stolen 2. Respond effectively ↳ With clear action plans ↳ With trained teams ready to act 3. Recover quickly ↳ With minimal downtime ↳ With lessons learned NIST released their Cybersecurity Framework 2.0 last year. It's the perfect source. This isn't about checking boxes. Real cybersecurity creates an environment where: • Everyone understands their role • Everyone actively participates CSF 2.0 gives us a common language between: ↳ IT teams who understand the tech ↳ Business leaders who control the budget When attacks hit (and they will), companies either: • Crumble under pressure • Bounce back stronger The difference? A cyber-resilient culture. I've spent 8 years implementing NIST CSF with dozens of companies. I've seen how organizations like Cimpress, with 14,000 employees in 45 countries, turned cybersecurity into a competitive edge. In the coming weeks, I'll share more about how to implement CSF 2.0. Plus, I'm finishing a training program with practical tools and templates to build your cyber resilience. Questions about NIST CSF 2.0? Drop them below. ♻️ Repost this if you want a safer digital world.

𝐏𝐫𝐞𝐩𝐚𝐫𝐞 𝐘𝐨𝐮𝐫 𝐎𝐫𝐠𝐚𝐧𝐢𝐳𝐚𝐭𝐢𝐨𝐧 𝐟𝐨𝐫 𝐋𝐨𝐧𝐠-𝐓𝐞𝐫𝐦 𝐂𝐲𝐛𝐞𝐫-𝐑𝐞𝐬𝐢𝐥𝐢𝐞𝐧𝐜𝐞 𝐚𝐧𝐝 𝐁𝐮𝐬𝐢𝐧𝐞𝐬𝐬 𝐆𝐫𝐨𝐰𝐭𝐡 🌐 Would you say your organization is excellent at strategic planning? How about planning its cybersecurity and technology strategy? Especially so if you’re in Operations or Finance leadership roles, I empathize with your struggle to balance business operations with evolving technology and security demands - and their related budgets. It's a tough thing to keep up with, and especially so to stay ahead. 📊 Thankfully, commitment to effective cybersecurity practices and investments can, in my experience, pay dividends. Not doing so could result in severely underwhelming strategic positioning, inefficient day-to-day operations, ineffective spending, and potential vulnerabilities that could derail your business. So try this game plan to get a handle on cybersecurity: 🔔 Assess your current technology planning and cyber risk awareness. Independent evaluations can do wonders in that they are, ideally, objective and eye-opening. 🔔 Hire a cybersecurity expert in-house, or otherwise facilitate the evolution of your security team. 🔔 Consult with external cybersecurity and strategy firms. Lean on the ones that will genuinely prioritize your growth and transformation. 🔔 Encourage diverse viewpoints and constructive feedback on security subjects. Diversity of thought really does help organizations stay agile. 🔔 Train your employees to recognize and prevent potential threats. Training must always be effective, though, and often organizations small and large fail to achieve this goal. 🔔 Regularly review and update your technology and cybersecurity strategy. Iteration is vital to a proper and sustainable transformation. By implementing these strategies, you can expect a strengthened decision-making process, enhanced cybersecurity posture, and a more resilient organization. How have you addressed cybersecurity in your strategic planning? Share your thoughts or insights below. #innovation #technology #cybersecurity #informationsecurity #dataprotection #riskmanagement

The World Economic Forum published its “Global Cybersecurity Outlook Report” for 2025. The report compares 2024's findings with this year's business leaders’ perspectives on top #cyber issues and their effect on organizations around the world. The good news... The transformative potential of #artificialintelligence technologies presents unmatched opportunities for #cybersecurity. The bad news... The increasing complexity of the cyber landscape is further exacerbating cyber inequity as resilient organizations pull ahead, while others struggle with limited resources, resulting in systemic points of failure with significant consequences for the overall #resilience of the ecosystem. Some key findings include: - Growing integration of and dependence on #supplychains, coupled with a lack of visibility and oversight into the #security levels of suppliers, has emerged as the leading cybersecurity risk for organizations. - Rapid implementation of #AI without the necessary security safeguards to ensure #cyberresilience introduces new vulnerabilities and enables more sophisticated and scalable attacks. - Cybercrime-as-a-Service (CaaS) platforms continue to be a dominant and rapidly growing business model, with #ransomware remaining as the top organizational cyber risk year on year. #GenAI tools are lowering the cost of the phishing and social engineering campaigns. - Escalating geopolitical tensions reshape the cyber landscape. Cybersecurity now encompasses human safety and needs to address the real risk to people’s lives when #criticalinfrastructure is attacked or compromised. There are no standard playbooks for dealing with geopolitical risk. Rather, the situation calls for a return to old-fashioned risk management by looking at problems from a business-impact perspective first, before managing and eventually accepting any residual risk. - Proliferation of cyber regulations worldwide forces businesses to navigate an increasingly fragmented landscape of regional and global compliance requirements. While these legal frameworks mandate important cybersecurity practices, they also introduce challenges, such as managing overlapping requirements, achieving compliance in multiple jurisdictions and addressing different enforcement timelines. 

Cyber resilience has become the new frontier in enterprise storage, transforming how organizations protect their most critical data assets. In this illuminating conversation with Eric Herzog, CMO at Infinidat, we explore how modern storage systems have evolved beyond traditional reliability measures to incorporate robust cybersecurity capabilities. Herzog reveals the stark reality facing enterprises today: "It's not if they're going to be attacked, it's when and how often." With 90% of enterprise data residing on storage systems, leaving them unprotected effectively invites attackers to compromise your most valuable information. Infinidat's approach integrates immutable snapshots, forensic environments, and direct connections to security platforms like SIEMs and SOARs, enabling automated responses to detected threats. The conversation highlights remarkable recovery capabilities that seemed impossible just years ago - restoring four petabytes in four seconds, guaranteed recovery of primary storage in under a minute, and backup recovery of unlimited petabytes in under 20 minutes. These achievements aren't just technical milestones; they represent business continuity assurance for organizations that cannot tolerate extended downtime. Beyond security, Herzog discusses how Infinidat's performance technologies dramatically reduce infrastructure requirements - one customer consolidated from 288 petabytes to just 61 petabytes while maintaining workload performance. This efficiency extends to operational resources, with customers reducing storage administration staff by up to 73%. As organizations increasingly prioritize AI initiatives, Infinidad]t is also developing RAG solutions that integrate with existing storage infrastructure to support the constant learning necessary for effective AI implementations. Curious about how your organization can transform storage from a vulnerability to a cybersecurity asset? Listen to the full episode to discover approaches that leading Fortune 2000 companies are implementing today to protect their most critical data resources. #RSAC #CyberSecurity #storage cc @Lenovodc #DataProtection #CSO #CISO

I often remind my students that 2/3 of small and medium businesses (SMBs) cease to exist after a cyber incident because of two key factors: (1) loss of customer confidence resulting from corporate failures. (2) the cost of switching to a different service provider. Switching costs tend to be very low for customers who subscribe to services provided by SMBs because of the number of viable alternatives. The story is different when subscribing to the services of a leading company that has few competitors (i.e. Equifax). Here are a few observations that boards, executives, and risk leaders should consider related to the linked article - especially considering the market position of Crowdstrike. ✅ The root cause of the Crowdstrike issue was a security patch, but the outage caused for most customers was related to business resilience. Organizations with high resilience because of well-documented plans and procedures recovered from the outage very quickly. ✅ Every company that provides viable alternatives to Crowdstrike has experienced some significant security or IT issue during the past few years. One rare issue from Crowdstrike, even if it was significant, cannot be the only driver for changing to another solution that may have a similar problem in the future. What would I do? Perhaps this is a good time to review corporate enterprise risk management (ERM) and resilience practices. I think an introspective view is more valuable than expecting vendors to be perfect and never make a mistake. ERM Self-assessment ❓Do we have a formal Risk Appetite Framework that supports governance of enterprise risk? Do people know their roles and responsibilities in the framework? Is our current performance meeting expectations? ❓Were existing ERM practices effective to support a successful response to the outage produced by a vendor? If no, what updates must we make to existing plans? If yes, what is the driver for changing processes and solutions? ❓Who is responsible for oversight of the failures that we experienced, if any, and what changes are we making to ensure the same failure does not occur again in the future? Something to think about. Peace be with you. https://lnkd.in/e6_ceBQB