How Can Businesses Be Cyber Resilient When A Hacker Only Needs 120 Seconds To Take Them Down?

  • Blog
  • Risk Management

How Can Businesses Be Cyber Resilient When A Hacker Only Needs 120 Seconds To Take Them Down?

When it comes to cybersecurity, physical borders don’t exist. Attackers can be located anywhere in the world and operate with near impunity, profiting from business and government IT vulnerabilities and exposing confidential information to the public.

For years, cyber criminal gangs have been orchestrating and perpetrating attacks across the entire globe with minimal resistance, primarily through ransomware attacks, coercing firms to pay in order to prevent the publication of stolen data.

Last month, LockBit 3.0 – one of the most notorious cyber criminal gangs – was taken down in an international operation led by the UK National Crime Agency (NCA), the FBI and Europol. This operation represents one of the biggest counterattacks from national security agencies.

Despite one gang being taken down, 34 new cyber criminal gangs were identified in 2023 alone, raising the total to 232 tracked organizations according to CrowdStrike. Additionally, the increasing sophistication of attacks is exploiting what has, until now, been one of the ‘safest environments’ for storing data: the cloud. CrowdStrike reports that cloud-conscious cases doubled last year, with a 75% increase in cloud environment intrusion cases, 84% of which were focused on e-Crime. What is perhaps most impressive – and most troubling – is that it is only taking criminals 2 minutes on average to perpetrate attacks (see CrowdStrike 2024 Global Threat Report).

How to stay ahead of the game
Although cyber security may be an abstract concept for organizations and senior leadership, more often the question is not whether an attack will happen, but when. According to the Verdantix global corporate survey on risk management, cyber security ranks as the one of the top 3 risks for firms around the world, reflecting the figures presented early this year by the World Economic Forum’s Global Risks Report 2024.

Industry standards, such as those provided by the National Institute of Standards and Technology (NIST), are constantly evolving to include new technical elements that firms should take into consideration when defining their security frameworks. However, historically, the primarily focus has been on detection rather than prevention, concentrating almost all resources on reactive elements. From a response perspective, by this time, it may well be too late to contain the damage.

In this context, how can organizations be more cyber resilient – and be prepared for the next attack?
Establishing a proactive approach to cyber security is the answer: allocating resources and attention to prevention rather than just detection. Protecting the business from being identified as a potential target, masking or reducing surface attacks, and fostering a prevention culture are the core pillars of this dynamic approach.

Decision-makers should focus on:

  • Education. In reality, the idea that cyber security programmes are costly pales in comparison to the potential bribes the firm might need to pay, fines from the regulators, and the fallout of reputational damage. Establishing meaningful and practical training across the organization is key to reduce potential vulnerabilities. Criminals are enhancing their social engineering tricks and investigations to find open doors or vulnerabilities to exploit, so every member of the team must be aware of the risks and how to prevent them.

  • Key technical aspects of their cyber resilience programmes:
    • Include threat intelligence capabilities. There are specialized firms that provide services to detect any potential threats close to your assets, making it harder and more costly for criminals to continue with the attack.
    • Reduce the risk of surface attacks. Hackers can’t attack what they can’t see. Understand your IT ecosystem and the level of exposure in the public domain.
    • Adopt a zero-trust approach to supply chain and IT providers. Perform independent security checks and analyses on your providers, especially those considered critical or strategic. No business is exempt from being attacked.


Some of the vendors supporting organizations with these capabilities are: CrowdStrike, Dectar, Fortinet, Gen Digital, Palo Alto Networks and Zscaler.

Integrating cyber programmes into your GRC, TPRM and operational resilience ecosystem
Developing a connected and integrated view of risk is essential not just to protect an organization’s reputation, but also its integrity. Over the last five years, technology vendors have been investing in developing different solutions that integrate under the same umbrella with different risk domains, making it easier for businesses to map their risk exposure end-to-end, especially for critical processes.

The vendor landscape is diverse in terms of technical approach and categories. However, firms should start exploring how these technology vendors can support in enhancing risk management and resilience practices. The vendors have three main backgrounds, specializing in:

  • Governance, risk and compliance (GRC). Providers such as Diligent, MetricStream, Mitratech and SAI360 are consolidating the cyber risk view under GRC solutions.

  • Operational resilience. Archer, Fusion Risk Management, LogicGate and Protecht are all including cyber security components as part of overall resilience.

  • Third-party risk management (TPRM). Firms such as ProcessUnity, Aravo, NAVEX, Origami Risk and Venminder are including cyber security risk via supply chain exposure.

Daniel Garcia

Senior Manager

Daniel is a risk and compliance subject-matter expert (SME), with over 16 years of global experience, having worked for major financial institutions and consulting firms in Latin America, Europe and Asia. He leads the Verdantix Risk Management practice, where he steers market research intelligence and provides Advisory services on risk and compliance matters. Daniel has a BA in Economics and an MSc in Capital Markets and Financial Engineering.