Cyber recovery: the capability that changes everything

Ensuring business continuity in the face of the inevitable

Most businesses don’t realise they have a problem… until the day their systems go down.

At that very moment, everything becomes clear: what really matters isn’t the level of protection in place, but the ability to regain control quickly.

In an environment where attacks are industrialised, rapid and increasingly sophisticated, the real dividing line no longer lies between protected and vulnerable businesses. It lies between those that know how to get back up and running quickly… and those that cannot.

For Swiss SME leaders, the challenge is therefore no longer simply to protect themselves, but to guarantee one essential thing: business continuity, even in the event of a major crisis.

Reassuring certainties… but ones that leave us vulnerable

In practice, certain beliefs remain deeply ingrained. They are reassuring. But they leave us exposed.

Believing that we are “already well protected”, that “IT has it under control”, or that we are “too small to be attacked” no longer reflects the current reality. Attacks today are automated, massive and opportunistic. They no longer target only large companies.

In many cases, IT teams do their best with the resources at their disposal. But they often operate without clearly defined business priorities, without explicit strategic decisions, and without a framework established at management level.

This disconnect creates a false sense of security, even though the company’s actual ability to cope with a crisis remains uncertain.

The real challenge: keeping operations running

Traditional cybersecurity, which focuses on prevention, remains essential. But it is no longer enough.

No organisation can guarantee that it will never be compromised. So the question becomes: what happens when it does?

This is precisely where cyber resilience comes in: the ability to withstand, absorb and recover quickly from an incident, whilst maintaining critical operations.

This shift in perspective is significant. It means no longer focusing solely on protection, but ensuring that the business can continue to operate despite an attack.

A sticking point that is still all too common

In many organisations, a misunderstanding persists between senior management and IT teams.

When the latter talk about risk, senior management often hears cost. The issue then comes into competition with other priorities and struggles to gain traction.

In more advanced organisations, the difficulty is different: responsibility is diffuse. The issue cuts across departments, but there is no real leader in charge.

In both cases, the result is the same: fragmented initiatives, a lack of overall vision, and an inability to prioritise effectively

However, without a clear framework, IT can neither structure a coherent response nor guarantee a recovery capability aligned with business priorities.

The blind spot: defining what must survive

Very few companies know how to answer a question that seems, on the face of it, quite simple: What is absolutely essential for my business to continue operating tomorrow morning following an attack?

This is what we call the Minimum Viable Company: the minimal yet viable version of the business in a crisis situation.

This concept is fundamental. It enables the creation of a common language between management and IT, helps identify the processes and resources that are truly critical, and allows investments to be focused where they have the greatest impact.

And yet, it remains largely under-utilised. Due to a lack of time, methodology or sponsorship, it is rarely formalised, even though it forms the basis of any resilience strategy.

Cyber recovery: the capability that makes all the difference

In the French-speaking Swiss market, approaches are still predominantly focused on prevention and detection. But one reality is gradually becoming clear: despite all efforts, some attacks will succeed.

In such situations, the ability to recover becomes critical.

Cyber recovery is not limited to restoring data. It involves ensuring:

• isolated copies protected against any compromise

• data integrity prior to any recovery

• a secure environment to restart without reinfection

• recovery timescales compatible with business requirements

  
  

It is this capability that enables a major attack to be transformed into a controlled incident rather than a prolonged crisis.

A strategic alliance to take action

Faced with these challenges, businesses need support that goes beyond technology.

It is with this in mind that the alliance between Cogency, a Dell Technologies Titanium partner, and Dell Technologies’ Cyber Recovery solutions has been formed.

Dell Technologies’ solutions stand out for their capabilities, which are particularly well-suited to today’s threats:

• robust isolation of critical data via secure environments (“vaults”) disconnected from the IT system

• resilience against ransomware, including in advanced scenarios

• automated validation of data integrity prior to restoration

• rapid and reliable recovery of critical operations

• a proven and industrialised approach, derived from numerous deployments

Combined with Cogency’s expertise, this technology forms part of a comprehensive approach:

• definition of business priorities (including the Minimum Viable Company)

• alignment between management and IT

• pragmatic implementation

• testing and continuous improvement

  
  

This approach is now well-established in French-speaking Switzerland, with numerous successfully completed projects. It provides concrete solutions tailored to the realities of businesses, moving away from theoretical or purely technical approaches.

Moving from a reactive stance to a proactive approach

Too many organisations still take a reactive approach to cyber resilience: following an audit, an incident, or under pressure.

However, it is unrealistic to think that a crisis can be managed effectively without preparation. Without a framework, without priorities, and without testing, decisions made in a rush are rarely the right ones.

Conversely, a step-by-step approach enables rapid and effective progress by identifying what is critical, protecting what matters most, and continuously improving and adapting.

Cyber resilience is no longer a technical issue. It is a management decision.

In a world where incidents are inevitable, the real question is simple: is your business capable of recovering?

With a structured approach, and the support of partners such as Cogency and Dell Technologies, it is now possible to transform a systemic risk into a controlled and sustainable capability.