Earlier this year, I had the opportunity to speak to cybersecurity students at the University of Jyväskylä’s Faculty of Information Technology about cyber resilience and digital preparedness as part of the broader concept of national security.
As an alumna of the University of Jyväskylä, it is easy for me to say that the university has given me a great deal during my studies. I genuinely value the chance to offer today’s students insights and experiences related to cybersecurity from a working‑life perspective.
I firmly believe that today’s students will be the ones leading and shaping the organisations of the future. They will also graduate into a world more volatile than ever before – a world that requires a diverse set of capabilities as they enter demanding operational environments.
Cyber resilience is foremost a cultural issue
Resilience can be defined in many ways. I personally describe it as the ability to remain operational in all circumstances. In the context of cyber resilience, this means the ability to function effectively across digital environments. Resilience does not emerge in isolation; it is the sum of multiple, interconnected elements. The same applies to cyber resilience.
Cyber‑related challenges are also cultural at their core: what kind of organisational and societal culture are we able to build so that we can understand, withstand and recover from disruptions or exceptional situations?
A risk barometer assessment for 2026 by Allianz states that cyber threats seem to concern organisations currently the most. This is a somewhat historical situation as in previous years the risk of business interruption has been topping the organisational concerns. In short, the need for cyber resilience has grown significantly as the operating and threat environment and risk landscape is fundamentally different from what it was even five or ten years ago.
Digital services shaping the sense of resilience and capability to endure under pressure
People are accustomed to using a wide range of digital services to run their daily lives. Many of these services are not officially classified as critical for societal continuity, even though modern society relies on them extensively. That is why these services must be protected proactively, across all types of disruptions and exceptional situations.
Ukraine provides an excellent example of this: digital agility, flexibility and scalability under extreme conditions have become a key indicator of a modern society. Ultimately, secure and reliable digital services create a sense of safety and reinforce a positive cycle of strengthened resilience.
Within organisations, the backbone of resilience – including cyber resilience – lies in the people who understand how security is built and managed. Leadership plays a crucial role in determining how security is valued, how organisations prepare for disruptions, and how they train for them.
Makings of a cyber-resilient organisation
Cybersecurity is not merely an IT‑driven responsibility; at its best, it is a strategic asset that spans the entire organisation. Key findings of the Finnish National Emergency Supply Agency’s recent Cyber Resilience Review confirms this: the most resilient organisations integrate cybersecurity into everyday operational practices.
Whenever areas such as technology leadership, cyber defence, risk management, physical security and people leadership begin to drift apart, organisations risk creating unnecessary silos. A future‑focused and resilient organisation instead views security holistically and has the courage to maintain – and continuously update – its understanding of potential threats, adapting its operations accordingly.
