A technical article based on the article ‘Five fundamentals for a cyber-resilient future’ by Alexandra Rose, Sophos
In an age of increasingly sophisticated and fast-acting cyber attackers, companies need to fundamentally rethink their security strategies. The digital threat landscape is more dynamic than ever before: according to Sophos, the average time attackers spend in corporate systems is less than two days. This short time span shows that traditional, reactive security approaches are no longer sufficient. What is crucial is a resilient, forward-looking and adaptive security concept.
Alexandra Rose, Director of Government Partnerships and Head of the Cyber Threat Unit at Sophos, describes five key principles for a long-term effective cybersecurity strategy in her article. This complements the analysis by Sophos Germany published on 24 July 2025, providing a holistic picture of how organisations of all sizes and in all industries can build cyber resilience as a future-proof skill.
1. Understand the threat landscape
Cyber threats are diverse, organised and increasingly AI-powered. From organised crime to hacktivists to state-sponsored attackers, attack vectors are constantly changing, as are the tactics used by attackers. A deep understanding of this threat landscape is the starting point for any sound security strategy. This understanding is not a one-off task, but requires continuous, round-the-clock analysis of attack activities and vulnerabilities.
Sophos emphasises that companies are not alone in this. Competent security partners offer not only technological solutions, but also expertise, experience and processes to support organisations in identifying and classifying new threats. An open XDR platform also creates the necessary transparency across the entire attack surface and enables a holistic view of systems, processes and data. In addition, the integration of modern threat intelligence systems – with the help of AI, human analysis and pattern recognition – forms the backbone of an adaptive security concept.
2. Understand threats in context
An attack never occurs in isolation, but always in the context of operational realities. Whether the factor is critical business processes, supply chain dependencies, regulatory requirements or geopolitical developments, a threat becomes relevant through its interaction with the corporate environment. That is why it is important to link threat information with internal and external factors.
This contextualisation allows you to prioritise more effectively, deploy resources efficiently and develop tailored countermeasures. It is particularly important to note that not all data and systems are equally critical. The focus should be on areas that are particularly vulnerable or critical to the business.
3. Leave room for change
Cybercriminals are masters of adaptation. They are constantly changing their methods, developing new tactics and exploiting vulnerabilities at lightning speed. Companies must counter them with a similarly adaptable security architecture – scalable, flexible and closely integrated with the operational requirements of the business.
A security programme that grows with the company and dynamically adapts to external changes provides the best foundation for confidently countering threats in the long term. Agile technologies, real-time information and flexible security policies are the key components here.
4. Include the human factor
Cyber security is never just a technical issue – it is always a question of culture, communication and responsibility. While well-trained employees provide an additional line of defence, a lack of training and awareness can quickly become a serious vulnerability. According to Sophos, 63% of companies surveyed fell victim to ransomware because they lacked staff skills and training.
Therefore, training, clear guidelines and a security culture must go hand in hand. Companies should not only want to avoid mistakes, but also actively promote a positive security culture. This also means allowing employees to report misconduct without fear of sanctions. At the same time, it is worth specifically promoting unique human strengths such as problem-solving skills, critical thinking and creativity.
5. Increase speed and agility
Cyber attacks today are faster and often automated. Attackers rely on AI, scalable tools and collaborative infrastructures. Companies must therefore be able to respond to incidents within minutes, not hours or days.
In technological terms, this means that the use of XDR, EDR, SIEM and SOAR solutions and the automation of security-related workflows are becoming standard. Sophos also recommends relying on Managed Detection and Response (MDR) to ensure seamless 24/7 monitoring and immediate response readiness. Real-time data and automated decision-making processes enable security measures to be managed flexibly and proactively.
Conclusion
The cyber threat landscape is not getting any easier – but companies can counter it with strategic clarity, technological foresight and cultural strength. The combined approach outlined in the articles by Alexandra Rose and Sophos Germany makes it clear that cyber resilience is not an option, but a business necessity. It does not happen overnight, but through consistent implementation and continuous development. Those who invest today will reap the benefits tomorrow in the form of security, stability and competitiveness in an increasingly digital world.