Path to cyber resilience: sense, resist, react

EY's 19th Global Information Security Survey 2016-17

Threats of all kinds continue to evolve, and today’s organizations find that the threat landscape changes and presents new challenges every day. Organizations have learned over decades to defend themselves and respond better, moving from very basic level measures and ad hoc responses to sophisticated, robust and formal processes.

In this report, we look at the findings of our latest Global Information Security Survey. From the responses of the 1735 CIOs, CISOs and other executives, we can see where organizations are in the strength and maturity of their cybersecurity capabilities and suggest three steps to achieve cyber resilience:


Organizations need to use cyber threat intelligence and active defense to predict what threats or attacks are heading in their direction and detect them when they do, before the attack is successful. They need to know what will happen, and they need sophisticated analytics to gain early warning of a risk of disruption.


First, an organization determines how much risk to take across its ecosystem, followed by establishing the three lines of defense:

  • Executing control measures in the day-to-day operations
  • Deploying monitoring functions such as internal controls, the legal department, risk management and cybersecurity
  • Using a strong internal audit department



If sense and resist fail, organizations need incident response capabilities to manage the crisis. They need to be ready to preserve evidence in a forensically sound way and investigate the breach to satisfy critical stakeholders – and also be prepared to bring the organization back to business as usual in the fastest possible way, learn from what happened, and adapt and reshape the organization to improve cyber resilience going forward.

logo experttube

Video's op het gebied van Audit & Control, Actuariaat & Risk Management, Juridisch & Fiscale Zaken, Pensioenen, Schade & Hypotheken, Compliance en Investment Management.

Bekijk ons volledige overzicht op

logo CareerTube

Videoplatform met werkenbij video's van toonaangevende organisaties in de financiële wereld. Met een focus op de finance specialisatie zorgt de koppeling met de 17 (niche) vacaturesites van CareerGuide direct voor een relevant bereik.

Bekijk ons volledige overzicht op