1. Forum
  2. tqwNet
  3. TQW GENTECH

  • How to meaningfully measure the effectiveness of cyber resilience

    From TechnologyDaily@1337:1/100 to All on Monday, April 20, 2026 11:30:26
    How to meaningfully measure the effectiveness of cyber resilience

    Date:
    Mon, 20 Apr 2026 10:24:50 +0000

    Description:
    Cyber security has many acronyms to measure success but are these still fit for purpose today?

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Pro Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Become a Member in Seconds Unlock instant access to exclusive member features. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are
    now subscribed Your newsletter sign-up was successful Join the club Get full access to premium articles, exclusive features and a growing list of member rewards. Explore An account already exists for this email address, please log in. Subscribe to our newsletter Cyberattacks in the UK and around the world are rampant and rapidly evolving in sophistication. In fact, the National Cyber Security Centre in the UK deals with at least one incident per day. These days, the when, not if mantra is said so often that it almost sounds cliche.

    Given that attacks are almost inevitable for so many organizations, the focus is rapidly and justifiably moving to how quickly can we restore and recover? Darren Thomson Social Links Navigation

    Field CTO for EMEA & India at Commvault. For organizations, cyber criminals pose a very real threat. As we have seen across the UK, if you are not prepared, you can pay a massive price. Article continues below You may like When confidence becomes a risk: The gap between cyber resilience readiness
    and reality When cyberattacks are inevitable, recovery becomes the strategy British businesses still arent bouncing back from cyberattacks heres how to tackle the problem

    Major UK retailers and brands have recently fallen victim to ransomware that ultimately resulted in lengthy delays for customers , downtime, and reputational damage, despite the companies reacting relatively quickly.

    In many cases, it takes businesses a long time to recover from these attacks. Recent statistics have suggested that business leaders expect five days of operational downtime before their organization is back up and running, when
    in reality the effects often last between three and four weeks.

    This could ultimately result in business leaders questioning the tools and capabilities at their disposal; is the software ineffective or have the IT
    and security teams lost their skills? The answer to both of these questions
    is frequently no: the real issue at hand is that the task of achieving clean recovery is changing. Traditional practices are failing While tried and
    tested recovery methods may have worked consistently a few years ago, with
    the risk and threat landscape steadily evolving, a new approach is needed.
    Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    Disaster recovery tools and protocols previously solved a lot of problems, offering respite and support if data or systems were corrupted or destroyed due to physical disasters such as flooding, fires, or other damage the biggest risk to data 10 years ago.

    Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) were often used to measure efficiency, capabilities, and recovery time goals.

    However, recent statistics suggest that hackers stay in their targeted networks for over 200 days on average. Bad actors will take their time, creating a way to enter the environment that goes unnoticed while corrupting and manipulating dozens of systems in their wake. What to read next AI powers innovation but its also powering the next wave of cyber attacks Regulatory whiplash: Why cyber resilience is now a governance imperative The human paradox at the center of modern cyber resilience

    This means that when they eventually press the button to execute an attack, the breadth of damage can be quite extensive and there can be considerable confusion over what data and backups can be trusted.

    Simply restoring the data, without knowing the status of the backups, may achieve desired RTO and RPO, but it wont guarantee a clean recovery. IT and security teams need to analyze the backups to make sure they are clean and
    can be trusted.

    This is a time and resource-intensive procedure that could result in weeks of downtime, rather than days.

    This is why new methods and measurements are needed to provide a realistic
    and logical view on the whole process. Organizations must accept that there are likely to be multiple hidden entry points and that backup copies include compromised or corrupted data.

    Only then can they understand the gaps in their defense systems, something known as the preparedness gap.

    For senior executives, business leaders and boards, this understanding can provide an opportunity to reshape how recovery is understood, managed, and planned for in good times versus in bad times.

    Notably, it can challenge leaders to push their IT and security teams to work even more collaboratively and move beyond restore speed and start thinking in terms of data trust, system integrity, and clean recovery timelines. How to accelerate Achieving adequate preparedness starts by keeping the business running in the event of a cyberattack and being well positioned to recover these systems quickly afterwards.

    This is a concept known as Minimum Viability; the practice of identifying which systems, identity services, networks and people are critical to
    business operation. These make up the companys Minimum Viable Company (MVC).

    Another factor to consider: what does their Mean Time to Clean Recovery
    (MTCR) looks like? In essence, MTCR defines the average time required to restore previously defined critical business applications which are part of their MVC, as well as their foundational systems, infrastructures and associated clean, validated data following a cyber event.

    To help achieve clean restoration of critical business systems, aspects of recovery that are often missed as part of traditional disaster recovery techniques must be considered.

    This includes performing forensic analysis and integrity checks on applications and data, validating the infrastructure components, isolating clean versions from infected data sets, and identifying if data can safely be restored.

    However, old and new concepts can combine here to form a new era of modern clean recovery assurances, with MTCR complimenting RTO and RPO. This is because, once combined, MTCR will shift focus to a more mature and secure approach to recovery.

    By making clean data verification part of the recovery metric, organizations can build repeatable, auditable processes that can contribute to more steadfast and reliable RTO and RPO measures.

    Implementing new procedures that take all aspects of recovery into account
    can help increase the speed of recoveries, reduce the risk of failed restoration and re-infiltration of bad actors, and also potentially reduce financial losses and reputational damage.

    Regardless of an organization's size, maturity level, or security posture, every day matters when it comes to recovery.

    While there is not a process that can guarantee full and fast recovery, adopting an approach that is both realistic and takes into account the differences between cyber recovery and disaster recovery is the best way to get affected businesses back up to full operation in a timely manner and
    limit the risk of business failure. We've featured the best endpoint protection software. This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro



    ======================================================================
    Link to news story: https://www.techradar.com/pro/how-to-meaningfully-measure-the-effectiveness-of -cyber-resilience


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)