Authors | Lucía Burbano, Elvira Esparza
No business or city is immune to cyber-attacks, but these unfortunate events can be mitigated with a cyber resilience strategy.
Cyberattacks are the top global business risk in 2026, surpassing concerns about AI by 10%. However, according to the World Economic Forum Global Cybersecurity Outlook 2026 report, only 19% of organizations exceed minimum cyber resilience requirements.
Here we shall have a look at the concepts of cyber resilience and three cities that have successfully implemented initiatives to combat cyber-risks.
What is cyber resilience?
Before delving into cyber resilience, we need to talk about cyber-risks, a very real threat in today’s global, digital and interconnected business environment. Areas such as the industrial sector, which works with technologies including the Internet of Things or have cloud data management strategies, are particularly vulnerable.
In order to protect businesses from hackers or from data filtrations, a cyber resilience strategy is required. The aim is to increase security, reduce the impact of a possible cyber-attack and continue to operate normally without suffering operational or economic losses.
Security covers much more than software designed to protect systems within companies. It involves people, processes and technology, which must be aligned in order to combat the threats.
The five pillars of cyber resilience
When we refer to cyber resilience strategies, there are five pillars that enable successful measures to be implemented:
-
Identify
Firstly, companies must have in depth knowledge of the level of security and potential risks. Therefore, the organization’s essential information has to be meticulously identified, and the infrastructure and information has to be evaluated, including the level of sensitivity, vulnerability and risk tolerance.
-
Protect
It is time to implement the necessary protection measures. Protection measures for critical infrastructures and services have to be developed and implemented, with the aim of mitigating or reducing the level of vulnerability.
-
Detect
Appropriate actions must be implemented in order to rapidly identify an attack, evaluate the affected systems and guarantee a timely response. Furthermore, during this stage, the network must be continuously monitored in order to identify any other indicators related to that attack.
-
Respond
Organizations need a response plan, headed by a team of people with specifically identified functions and responsibilities.
-
Recover
This phase involves developing and implementing systems and plans to restore data and services that may have been affected during a cyber-attack.
Cities with successful cyber resilience strategies
Smart cities are particularly vulnerable, but many of these already have cyber resilience plans in place.. Below are some examples.
Atlanta
In March 2018, the U.S. city was the subject of a cyberattack that affected a significant number of devices connected to a specific network in the city. But Atlanta was prepared, since just a few weeks earlier it had held meetings with the FBI to evaluate the available cyber resilience programs.
When the attack occurred, they contacted numerous authorities that collaborated with the city. Atlanta had also just signed a cybersecurity insurance policy, which enabled it to access the necessary providers to execute the response and recovery pillars.
The Hague
The city in the Netherlands tackles this issue at various levels. Cybersecurity is firmly established in the city council itself at an operational, tactical and strategic level. Five of the main internal information security departments have a strategic advisory role in, for example, terms of procurement. This enables a common cyber resilience strategy to be applied for the entire municipality.
Manchester
The city in the northwest of England has been developing numerous initiatives designed to collaboratively combat cyberattacks. It has created a cyber foundry connecting four universities and the Greater Manchester Combined Authority to create an environment of digital trust in which to do business, increase the resilience of SMEs and use academic research as a technology accelerator.
It also participates in the Greater Manchester Cyber Advisory Group, a cross-industry group, and collaborates with Salford University’s ThinkLab. Lastly, the city council plays an active role in the promotion of cybersecurity measures among citizens and companies.
What is the difference between cyber resilience and traditional cybersecurity?
Traditional cybersecurity focuses on prevention. It is mainly aimed at stopping unauthorized access through controls such as firewalls, encryption, and access management. It also treats security as a technical issue and measures success by the number of breaches prevented.
By contrast, cyber resilience takes a comprehensive approach to protection, including both threat detection and response, and covering all stages of the process: anticipation, resistance, recovery, and adaptation. Instead of simply blocking attacks, cyber resilience focuses on maintaining business services and operations during and after security incidents.
What benefits does cyber resilience bring to cities?
Cities gain several benefits by investing in cyber resilience:
- Maintenance of essential public services. Cyber resilience ensures that critical infrastructure such as power grids, water supply, transportation, and healthcare systems can continue operating after a cyberattack.
- Protection of citizens’ data. Sensitive citizen information is safeguarded, reducing the risk of identity theft and fraud.
- Increased Citizens have greater confidence in government institutions because they feel protected.
- Reduced economic losses. Cyber resilience lowers the financial impact caused by city disruptions and ransomware payments.
- Better adaptation to new threats. Cities that are better prepared in cyber resilience can manage both known risks and unforeseen threats.
- Urban sustainability: Designing cyber resilient infrastructure ensures that efficient buildings and systems meet their environmental goals without being compromised by security failures.
Why is cyber resilience becoming more important today?
There are several reasons that explain the growing importance of cyber resilience for organizations and cities. First, the rising cost of attacks. The global average cost of a data breach reached 4.88 million dollars in 2024. The financial risk is even greater for cities because it affects essential services and the sensitive information they must protect.
Second, AI driven threats. According to the World Economic Forum, 94% of cybersecurity leaders see AI as the main driver of change, while 87% report increased risk due to AI related vulnerabilities. Finally, regulations such as the EU Cyber Resilience Act, DORA, and NIS2 are introducing enforceable compliance requirements with real penalties.
Smart cities are more vulnerable to cyberattacks because they are highly connected. This is why cyber resilience is essential to ensure that cities can withstand and recover from attacks without disrupting their functions. Through cyber resilience, smart cities protect critical infrastructure that depends on digital networks, detect attacks early through IoT sensors, and have plans in place to restore compromised systems and avoid major losses.
Images | FLY:D, Ed Hardie, Edwin Tan/iStock, Dimensions/iStock
