Partners urged to shift from cyber prevention to resilience as AI adoption accelerates

AI adoption is forcing a rethink of cybersecurity strategies built for prevention, not resilience.

Image: Richard Addiscott, VP analyst, security and risk management programs, Gartner

Organisations will need to strengthen cyber resilience to support innovation and the continued uptake of AI. But it requires redefining resilience and closer collaboration with partners.

“Resilience is both a capability and an outcome,” said Richard Addiscott, VP analyst, security and risk management programs, Gartner.

While resilience isn’t a new concept, it demands a different approach in the current context. Organisations together with partners need to move beyond a mindset of ‘prevent at all costs’ to one that focuses on how quickly and intelligently they can recover.

“The goal is not just to bounce back from disruption, but to come back stronger each time,” said Addiscott, at this week’s Gartner Security and Risk Management Summit in Sydney.

Addiscott describes this shift as ‘adaptive resilience’ or anti-fragility, where organisations learn from incidents and develop a cyber posture that gets better at recovery.

Fragile systems simply break when something happens, and resilient ones merely return to baseline rather than improving after disruption, he said.

However, Gartner data shows higher maturity in protection controls, driven by compliance frameworks such as NIST and the Essential Eight.

This creates a misalignment between the intent of cyber programs, which is resilience, and investment, which is skewed towards prevention. Organisations need to rebalance their cyber investment.

“It means shifting investment away from a narrow focus on ‘protect’ towards maturing the detect, respond and recover capabilities that determine how well the business weathers an attack,” Addiscott told CRN Australia.

The role of partners in enabling adaptive resilience

To help organisations achieve adaptive resilience, partners need to prioritise client outcomes and challenge customers who are over-investing in preventative controls.

The task is to move customer conversations beyond compliance and prevention to what happens when an incident occurs.

Partners also need to develop balanced security portfolios that include impact management, recovery and resilience and avoid over-indexing on protection tools.

“It’s going to be about the overall maturity of their security program,” he said.

Increasingly, partners will need to support client CISOs as the role shifts into a guardian role and trusted enabler of technologies such as AI.

“CISOs are the only executive to enable and protect the organisation’s ability to achieve its AI ambitions and protect the organisation from AI-enabled attacks,” he continued.

The role of partners will be to drive more mature, resilience-led conversations that align security investment with business outcomes.

“Resilience will increasingly be measured by how well boards understand and own cyber risk decisions, using clear impact thresholds rather than vague comfort levels about ‘being secure enough’,” he said.
