Actively defending against cyber attacks is the only way to get ahead of cyber criminals and gain the trust of your customers.

Cybersecurity is more than a technology issue and it cannot remain in the IT domain. It also cannot be the responsibility of any one member of the board – it affects every level of a business and every part of the C-Suite in different, often subtle and not easily recognized, ways.

Cybersecurity is about managing risk, but it is equally about enabling organizations to take advantage of opportunities in today’s digital world, in a safe way, and maintain the trust of their customers’, says Global Advisory Cybersecurity Leader Paul van Kessel.

From the responses of our annual Global Information Security Survey 2016 we can see where organizations are in the strength and maturity of their cybersecurity capabilities and suggest three steps to achieve cyber resilience: sense, resist and react.

In a earlier survey, we identified the ways organizations could get ahead of cybercrime by following a three stage journey – Activate, Adapt, and Anticipate. This concept still applies, but our survey findings of the last few years show that there is still progress to be made in all three stages. However, in the face of today’s threats, many of the actions we identified as more advanced actions have now become more foundational.