Highly Resilient Organizations Session 1: Connecting cyber risk to business impact: resilience metrics in practise

In today’s threat landscape, resilience is not optional—it’s strategic. That’s why we’re launching a focused research initiative for CISOs within Highly Resilient Organizations: those leading the way in preparing for emerging risks like quantum threats, cryptographic exposure, and complex supply chain dependencies. This study explores how resilient organizations manage digital risk, build cryptographic agility, and strengthen incident response. Participants receive early access to benchmark data, peer insights, and an executive-ready report tailored to board-level decision-making. Help define what cyber resilience looks like in 2025 and beyond. Join the study or request the insights firsthand.

The speakers for the first session are:

Connecting cyber risk to business impact: resilience metrics in practice

This aligns deeply with both regulatory pressure (e.g. NIS2/DORA) and the strategic aim of high-resilience organisations to elevate security from technical to business language. It also helps CISOs share how they’re structuring programs that tie cyber threats (especially crypto-related ones) to operational and financial risk.

Discussion:

• What KPIs/metrics resonate with executive teams when discussing resilience, including crypto risk posture?
• What risk quantification models (e.g. NIST, FAIR) or tools (e.g. cyber insurance modelling, CRQ platforms) are being used or not?
• How is incident response cost or impact being modelled (e.g. in case of key compromise or certification revocation)?
• What are the regulatory drivers forcing quantification (e.g. DORA’s operational impact reporting)This roundtable session is part of the Highly Resilient Organizations Program led by Research Supervisor Suzanne Janse.

  Do you want to join? Sign up now!

  P.S. Your insights are needed: Join the HRO Program Survey here.