Six preparedness and performance indicators to unlock cyber agility
By John Penn, Security Propositions Architect at BT: The rapidly evolving cyber-risk landscape sees a cyber attack every six minutes in Australia, with a new wave of threats enabled by AI.1
The ability to manage cyber risks whilst at the same time delivering technological transformation places CISOs and CTOs in the driver’s seat of fast, sustainable organisational growth. This concept, known as "cyber agility," is the foundation of resilient and adaptive organisations, and a recent study by BT confirms cyber agile businesses consistently outperform their peers.
In the study we identified six key dimensions crucial to achieving cyber agility: Awareness, Compliance, Connectivity, Strategy, Skills, and Innovation.
1. Awareness
Cybercriminals constantly evolve their tactics to outmaneuver organisations. Awareness, encompassing clear visibility and contextual, actionable threat intelligence, is the bedrock of cyber agility.
Traditional infrastructure once allowed organisations to maintain strong oversight, with network access controlled through a single point through a Demilitarised Zone (DMZ). However, today’s hybrid infrastructure—including a complex mix of legacy systems, cloud workloads, remote workforces, and third-party integration—have eliminated that single point of control, leaving organisations blind.
Moreover, malicious actors are adapting their techniques to exploit cloud-based systems. The Australian Signals Directorate (ASD) warns that cybercriminals increasingly use brute-force attacks and password spraying to access highly privileged service accounts. This underpins the importance of comprehensive digital oversight to mitigate both domestic and international threats.
Underlining the importance of threat intelligence, in FY2023–24, the ASD notified entities more than 930 times of potential malicious activity on their networks, highlighting the crucial role of government-industry collaboration in defending against cyber threats.
To strengthen visibility and defence, organisations should implement tools that continuously monitor traffic and system logs, such as a Security Information and Event Management (SIEM) system. Leveraging User and Entity Behaviour Analytics (UEBA) powered by machine learning can help detect anomalies. Introducing Security Orchestration, Automation, and Response (SOAR) services can accelerate responses to threats. And regular vulnerability assessments and penetration testing should be conducted to proactively identify and address weaknesses.
2. Compliance
Meeting regulatory obligations and adopting industry-standard cyber security best practices is essential. The Australian Government’s 2023–2030 Cyber Security Strategy aims to enhance regulations, secure government systems, and establish robust incident response frameworks. Compliance plays a vital role in strengthening both national and organisational cyber resilience.
Every organisation has industry-specific, geographic, and data-related compliance requirements. A good starting point is conducting a comprehensive risk assessment to map digital assets, identify vulnerabilities, and determine an organisation’s ‘crown jewels’.
Ensuring compliance requires implementing robust preventative security controls, such as firewalls, multi-factor authentication, and data protection, and backing this up with real-time monitoring to detect and respond to vulnerabilities. Compliance should be viewed as a baseline rather than the ultimate goal; effective cybersecurity policies should naturally align with broader regulatory requirements.
3. Connectivity
Trust is fundamental to digital business; without it everything grinds to a halt. Secure connectivity can insulate you against cyber threats while enabling seamless team collaboration and innovation across work boundaries. It includes several aspects - your network, your devices and users, and your supply chain.
A zero trust security framework provides a structured approach by assuming threats can originate both inside and outside the organisation. It operates on three core principles: assume breach, verify every access request through authentication and authorisation, and enforce least privilege to restrict user access to what’s necessary for their role.
Therefore, understanding identity and access management is critical, encompassing employees, Internet of Things (IoT) devices, and third-party suppliers. It requires mapping out personas and defining access levels to safeguard critical systems.
4. Strategy
A well-defined cybersecurity strategy aligns with broader business goals and enables an organisation to adapt effectively to both opportunities and threats.
Our recent report highlights that cyber agile organisations leverage security as a mechanism for sustainable growth and enhanced service delivery.
Resilience is key, and organisations must establish a minimum viable service model to ensure continuity in the event of a cyber breach. Rather than attempting to restore 100% of systems immediately, the focus should be on restoring critical functions to keep operations running.
5. Skills
The global cybersecurity skills shortage plays into the hands of cybercriminals, with organisations grappling to recruit and retain qualified professionals.
Organisations need the right mix of generalist and specialist skills to execute their cybersecurity strategy. Company-wide training programs should be in place to address gaps.
Closing the skills gap requires broader thinking, such as retraining existing employees, promoting knowledge sharing, and diversifying recruitment efforts, including gender equity initiatives. Collaborating with cybersecurity partners who function as an extension of an organisation’s team can provide expertise where needed. And leveraging AI-driven security tools can enhance detection, response, and scalability, supplementing but not replacing human expertise.
6. Innovation
Cybersecurity can be an enabler of transformation and market competitiveness.
Cyber agile organisations invest in innovative security solutions that unlock creativity and drive transformation. BT’s cyber agility report reveals that businesses embracing this mindset achieve 24% higher revenue growth than their peers.
However, AI is a double-edged sword. The Australian Cyber Threat Report 2023–2024 warns that cybercriminals are weaponising AI to lower the technical barriers for attacks.
A key mindset shift for organisations is to view cyber security as a guiderail, not a guardrail. Security should facilitate rapid innovation by providing clear guidelines rather than road-blocking progress. Additionally, products and services should be secure by design to ensure scalable, built-in security from the outset.
Collaboration is also essential. Engaging with industry partners, participating in threat intelligence networks, and leveraging shared insights can significantly enhance cyber agility.
Cybersecurity is no longer just about risk mitigation. It is a critical enabler of innovation and growth. By focusing on Awareness, Compliance, Connectivity, Strategy, Skills, and Innovation, organisations can strengthen their cyber agility and unlock new opportunities in an increasingly complex digital world.
About John Penn
John is the Security Propositions Architect for BT, where he is responsible for developing the go to market messaging for BT’s global security portfolio. He also manages outreach partnerships for BT Australasia, working with universities and not for profits to promote cyber security education and female participation in STEM. John joined BT in 2011 and has held a number of roles including Showcase Manager, Head of Marketing, and Security Portfolio Manager.
Sources:
1. ASD Cyber Threat Report: https://www.cyber.gov.au/about-us/view-all-content/reports-and-
statistics/asd-cyber-threat-report-july-2022-june-2023
2. BT Insights, Cyber Agility: https://business.bt.com/insights/agile-cyber-security/