“Hubris, thy name is ‘The backups are fine.’” A new Dell Technologies report points out a persistent gap in how organizations put cyber resilience into practice. Almost all say they have a strategy, but less than 40% consider it fully mature and always improving. The report also reveals a perception issue: 63% of respondents think leadership overestimates their cyber readiness.
Colm Keegan, Senior Strategist for Cyber Resilience at Dell Technologies, connects this gap to overconfidence. “Our research shows executives are overconfident in their cyber readiness capabilities, which leads to complacency around critical activities like testing and validation.” He adds, “Executives often equate having a strategy with being prepared, but readiness isn’t static.”
Strategy On Paper, Survival In Practice
The report explains cyber resilience as a cycle of Secure, Detect, and Recover. Each step has seen progress, but weaknesses remain. Keegan says the main issue is following through. “The difference between a strategy on paper and one that survives a ransomware attack lies in execution.” He also warns, “Many organizations fail to test recovery plans frequently, leaving them unprepared for real-world scenarios.”
Secure: Backups Face New Pressure
The report notes that attackers are increasingly targeting backups. Organizations still focus most of their spending on prevention. Keegan says leaders often treat recovery as less important. “The prioritization of prevention over recovery reflects a leadership mindset that views recovery as an afterthought.” He puts it simply: “This is a failure of focus, not technology.”
He also pushes leaders toward routine proof, not reassurance. “It’s not enough to write the checks for prevention tools; leadership must ensure their teams are rigorously testing recovery plans at least monthly.” Keegan uses a simple image for directors and executives. “Cyber resilience is like a gym membership – it only works if you’re actively exercising those muscles.”
Detect: Visibility Drives Faster Decisions
Detection is still inconsistent, especially when it comes to backup environments. The report says many teams do not have a clear view of suspicious activity in these areas. This is important because if backups are compromised, recovery can fail. Keegan puts it simply: “Backups are often assumed to be clean, but without validation, they become a liability.”
Recover: Testing Separates Hope From Outcomes
The report links good outcomes to strong recovery habits, especially regular drills and validation. Keegan says recovery is what really counts during a crisis. “Prevention may lower the odds of an attack, but recovery determines survival.” He warns boards not to focus on presentations instead of real evidence. “Leadership fails when testing is deprioritized, resilience debt accumulates and recovery investments are seen as optional.”
Keegan notes that some organizations are already changing their approach, and boards should follow their example. “However, some organizations are shifting their mindset, adopting measures like cyber vaults and automated validation to treat recovery as a strategic capability.”
Raw Data – Four Board Questions, Answered By Colm Keegan
What Are Executives Getting Wrong About Readiness Metrics?
Keegan says leaders often mistake having a plan for being truly ready. “Executives often equate having a strategy with being prepared, but readiness isn’t static.” He encourages boards to focus on measurable actions and regular practice. “Boards need to redefine ‘prepared’ with measurable actions: recovery plans must be tested monthly, backups continuously validated and playbooks updated to reflect evolving infrastructure.”
Where Do “Mature” Strategies Fail During Ransomware?
Keegan highlights the gap between planning and action, as well as uneven funding. “Recovery capabilities are also underfunded compared to prevention, creating a dangerous imbalance.” He says a mature strategy means ongoing testing and improvement. “A mature strategy is one that evolves continuously, is rigorously tested and balances prevention with recovery to ensure it holds up when it matters most.”
When Does Prevention Bias Become A Leadership Failure?
Keegan connects the problem to what leaders focus on and how they set priorities. “Leadership fails when testing is deprioritized, resilience debt accumulates and recovery investments are seen as optional.” He says organizations that test regularly see better results, and boards should look for this proof. “Our data shows that organizations that test monthly or more have better outcomes from real-world incidents than those who don’t. That’s the evidence boards should act on.”
What Must Change For Better Outcomes?
Keegan says the technology is available, but leadership decisions are falling behind. “The core issue isn’t technology – tools like AI-driven recovery and cyber vaults exist. The problem is leadership and incentives.” He gives a clear message to executives and boards: “To improve outcomes, leadership must treat recovery as a competitive advantage, balance investments between prevention and recovery and elevate resilience to a board-level priority.”