How to get to an organization that nurtures resilience

In her keynote, Karen provided a comprehensive account of her extensive research and encouraged us to challenge outdated assumptions about the role of people in cybersecurity. Rather than relying on strict regulations and productivity-oriented rewards to promote adherence to cybersecurity policies, she champions a more human-centered approach. Karen emphasized that people possess remarkable adaptive abilities to handle unforeseen circumstances if given the opportunity. It became clear that creating a resilient organization is a team effort that needs to engage people at all levels of the organization. In particular, upper management and leadership possess the ability to cultivate an environment that empowers their staff to actively contribute as a source of resilience.

During our panel session following the keynote address, Nico Ebert inquired about how companies in “corporate Switzerland” address cybersecurity – not on a technical level, but in cooperation with their employees. The panelists’ practical expertise provided a real-world perspective that echoed Karen’s empirical research. A consensus emerged regarding the necessity of adopting a more comprehensive perspective on cybersecurity, a more profound evidence-based foundation, and greater professional diversity that that extends beyond the technical domain.

We want to thank keynote speaker Karen Renaud as well as our panelists Leo Niedermann Swiss Re), Tobias Schoch (AXA Switzerland), Andrea Tribelhorn (Detecon Schweiz/ISACA Switzerland Chapter/ISSS) for sharing their perspectives with us.