Contact Us




Change Locale

What’s the Difference Between Cyber Security and Cyber Resilience?

Uncategorized | Posted on August 14, 2018 by schap

While the term “cybersecurity” is as old as the hills in the security world, the term “cyber resilience” has been gaining momentum. This is a good thing. Cybersecurity management is complex and always changing, and focusing on security alone simply isn’t enough – organizations need a more comprehensive strategy. You might ask: “Isn’t cyber resilience the same thing?” Absolutely not. A quick visit to for synonyms for those core terms is a great place to start for some clues to their differences.

  • Security –> Defense, Guard, Precaution, Safeguard, Sanctuary, Shield
  • Resilient -> Buoyant, Supple, Elastic, Hardy, Plastic, Pliable, Quick to Recover, Rubbery, Springy

What jumps out at me is that “security” is a term which is focused on preventing bad things from happening. Whereas “resilient” is about quickly getting back to “good” in the face of the inevitable impact of bad things.

These concepts translate perfectly to the world of IT security in general, and email security in particular. Organizations should be focused on making their IT systems such as their email, resilient to attacks and not focus purely on the goal of 100 percent preventive security.

Is 100 percent prevention even possible? Definitely not. Much like the human body, which is continuously riddled with bacteria and viruses, the goal is to feel and be well, not to prevent these microorganisms from getting in. We could all live in the equivalent of a semiconductor clean room, continuously taking anti-bacterial baths and pills, and eating only irradiated food, but that doesn’t sound very pleasant. The bodies of generally healthy people thrive on resilience, not prevention.

The best approach for IT security is to have a balanced, resilient approach that encompasses threat prevention and adaptability to new types of threats combined with built-in durability and fast recovery.  This is the approach organizations should focus on for all business-critical IT systems, especially their most mission-critical business application: Email.

According to research from Vanson Bourne, only 30 percent of organizations surveyed have adopted a cyber resilience strategy, and only one-third of those are in the early stages of development or planning. Too many organizations are leaving themselves exposed to the unknown – but it doesn’t have to be this way. By developing a more holistic approach, organizations can safeguard against email-borne cyberattacks, business disruption, data loss and human error.

This article was originally published here.


Related Articles

“A people without knowledge of their past history, origin and culture is like a tree without roots.” – Marcus Garvey

Culture | April 9, 2019 by Kelly Breedon

Softchoice is very proud to have been named to the Great Place to Work Institute’s first ever list of Best Workplaces for Giving Back. This list recognizes organizations with a strong employee commitment to giving back, and a robust range of programs that support positive change in their communities. Taking care and giving back are […]

When we talk about Digital Transformation, three key topics always come to the fore: optimizing IT investments, enabling end users, and IT agility. On a granular level, these three factors form an axis of issues companies must deal with when making the digital leap. At our recent roundtable dinner in Boston, we sat down with […]