Recommended Reading: Cyber Resilience: A Perishable Skill That Needs Practice

Great piece on LinkedIn by Prof. Dan Haagman:

Cyber resilience is like going to the gym: skip your workouts and you’ll get flabby fast. His big insight? Even seasoned execs throw out the playbook under pressure and just wing it.

The fix? Get those tabletop exercises scheduled and keep adversary sims running. Your DR plan from 2015 won’t cut it against modern ransomware. Building muscle memory through practice is what separates the pros from the panicked.

Quick, practical advice for anyone who wants their incident response to actually work when it matters.

Key takeaways

1. Cyber resilience is a perishable skill that decays without regular practice and reinforcement through
2. Recovery assumptions need regular testing. Many organisations still operate with recovery models designed for natural disasters, not cyber attacks.
3. Human decision-making deteriorates under pressure. Even experienced executives tend to “free-ball it” rather than follow playbooks when stressed.
4. Muscle memory is crucial. Responses must be so ingrained that they become automatic when incidents occur.
5. Don’t fear intervention. As Matt put it, “The occasional wolf is fine because people have seen the big bad wolf.” It’s better to isolate systems and apologise later than hesitate and suffer catastrophic compromise.
6. Rehearse with operational impact. Theoretical exercises aren’t enough; practice actual recovery procedures that affect operations, just as we accept that fire drills disrupt business briefly.
7. Secondary recovery paths need equal attention. Organisations often neglect testing backup systems because they’re not used daily.
8. Human judgment remains essential. Matt warned, “We mustn’t sell our souls to automation”, even as we leverage technology to manage volume.
9. Build executive support beforehand. When Matt shut down a workshop for six hours based on a false positive, no one questioned the decision because relationships and understanding were already established.
10. Technology alone isn’t the answer. As Matt concluded, “Many people will try and sell you technology, twice as much technology as you need to generate resilience. But that’s almost irrelevant.”