skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration

Straight Talk Technology

Ovum view

Cyber-readiness is the ability of an organization to prevent, detect, and respond to cyberattacks in line with its risk appetite. The more "ready" an organization is, the better able it is to defend the enterprise from security incidents and breaches. Yet clearly not all organizations are cyber-ready, with barely a day going by without another headline letting us know of defenses being breached and information and systems being compromised.

Naturally, the primary objective of cyber-readiness is to prevent cyberattacks. However, recognizing that some attacks will not be prevented, the next objective is to detect potential attacks before compromise. Furthermore, not all attacks will be detected, so the organization must then be ready to respond to an in-progress cyberattack.

Security software and services to prevent, detect, and respond to attacks are a key component of cyber-readiness. These technological security controls are combined with process- and people-focused controls to deliver cyber-readiness for the enterprise.

In deciding which security controls to apply, an organization will usually have performed a range of risk assessments on a set of information (for an information-based risk assessment) or a system. Controls are selected based on the mitigation of identified risks in line with the organization’s risk appetite. The risk appetite of some organizations might be high, where taking risks is part of the business, but in many organizations, risk appetite is low, especially where there is a lot of regulation and legislation to comply with.

However, risk mitigation itself isn’t a one-time operation. Organizations should perform frequent exercises to test the robustness of the security controls applied to deal with identified security risks. To address consistency, these tests should be performed against a security scorecard. The outcome of these tests will be reports where the controls can be improved, which can involve reducing them if they’re overly protective, or tightening them if the outcome isn’t in line with the organization’s risk appetite.

The frequency with which cyberattacks are happening indicates that many organizations are not testing security controls adequately. Cyber-readiness is a constant position, requiring a consistent, structured, and tested approach to security across the organization.

Straight Talk is a weekly briefing from the desk of the Chief Research Officer. To receive this newsletter by email, please contact us.

Recommended Articles

  • Consumer & Entertainment Services

    US pay TV: Is it facing an existential threat?

    By Adam Thomas 28 Mar 2018

    With US pay TV having endured the worst year in its history, thoughts have inevitably turned to the future. The likelihood remains that the immediate future will remain highly uncomfortable for everyone except the scaled multinational digital platforms.

  • Enterprise Decision Maker, Enterprise IT Strategy and Select...

    2017 Trends to Watch: Big Data

    By Tony Baer 21 Nov 2016

    The breakout use case for big data will be fast data. The Internet of Things (IoT) is increasing the urgency for enterprises to embrace real-time streaming analytics, as use cases from mobile devices and sensors become compelling to a wide range of industry sectors.

    Topics Big data and analytics IoT

  • Enterprise Services

    5G: Another technology in search of enterprise use cases

    By Evan Kirchheimer 26 Apr 2018

    Service provider interest in justifying 5G investment through its potential to open new revenue streams from the enterprise segment is growing ever greater.


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

Email us at

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 788 597 5160 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now