Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific

Cyber Resilience Requires Maturity, Persistence & Board Engagement

Women in Cyber Security Middle East highlight a requirement for resilience in the face of increased business and cyber challenges.

2 Min Read
Dr. Reem Alshammari and Abeer Khedr on a sofa at Black Hat Middle East and Africa's campus stage
Dr. Reem Alshammari and Abeer Khedr at Black Hat Middle East and Africa's campus stageSource: Dan Raywood at Black Hat Middle East and Africa

BLACK HAT MEA – Riyadh – Wednesday, Nov. 15 –  Cyber resilience is more important than ever, particularly with the added dimensions of deepening geopolitical threats and risks coming from new technology like AI.

In a fireside chat at the Black Hat Middle East and Africa conference in Riyadh, Saudi Arabia this week, Reem Alshammari, cybersecurity leader for the Women in Cyber Security Middle East group, said that while operations are becoming more digitized, cyber resilience must remain a part of that.

"In cybersecurity, we keep saying that it is not the matter of will we be attacked, it's a matter of when we will be attacked," she noted. So, it's imperative to ensure there is an ability to bounce back within all layers of the organization.

Hard Times Create Resilience

Alshammari's conversation partner, Abeer Khedr, CISO of the National Bank of Egypt, noted that the COVID-19 pandemic put resilience firmly in the limelight.

Khedr said that specifically, the move to remote working was a new variable that businesses were "globally suffering from that nobody was really accounting for."

That kicked off a broader conversation on weathering challenges, she said, so there is no better time than now to focus efforts on cyber resilience, particularly when presenting to CEOs.

"Cyber resiliency has to be owned at the top of the organization and the senior management level," she said, and added that it must be integrated as part of a company's operational strategy. "This is a journey of maturity, and for cyber resilience to work in my opinion, it has to be embedded inside an organization." 

She pointed to two roadmaps for achieving cyber resilience: one is Accenture's "State of Cybersecurity Resilience" report, and the other is BS 65000, which was developed by theBritish Standards Institution (BSI) as a code of practice for organizational resilience. The latter was revised last year from its 2014 original version, and provides businesses with guidance and recommendations in achieving resilience throughout their organization.

While these can be helpful to plot out one's direction and steps forward, Khedr said to remember that cyber resilience is not an achievement check box, and is not a journey that can be achieved overnight.

About the Author

Dan Raywood, Senior Editor, Dark Reading

With more than 20 years experience of B2B journalism, including 12 years covering cybersecurity, Dan Raywood brings a wealth of experience and information security knowledge to the table. He has covered everything from the rise of APTs, nation-state hackers, and hacktivists, to data breaches and the increase in government regulation to better protect citizens and hold businesses to account. Dan is based in the U.K., and when not working, he spends his time stopping his cats from walking over his keyboard and worrying about the (Tottenham) Spurs’ next match.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights