Focus first. The foundation of organizational resilience.

Not exactly what you'd expect to hear at a cybersecurity executive breakfast. Yet that idea became a common thread throughout the morning: resilience isn't built through constant action. It's built by knowing what truly matters, filtering out the noise, and staying capable of making the right decisions when it counts.

At EBCONT's Executive Breakfast, The Resilient Organization, leaders from business and IT explored how organizations can strengthen their resilience in the face of growing cyber threats, increasing regulatory complexity, and an increasingly uncertain geopolitical landscape.

Tilman Epha, Sales Director DACH | XM Cyber

Cybersecurity isn't about fixing every vulnerability. It's about fixing the right ones.

Tilman Epha explained why prioritizing vulnerabilities solely by CVSS scores often misses the bigger picture. What matters isn't how severe a vulnerability appears on paper. What matters is whether it is actually part of a viable attack path within your own environment.

At the same time, AI is dramatically accelerating the speed of cyberattacks. Tasks such as reconnaissance, information gathering, and creating highly convincing phishing emails now take minutes instead of days.

The most common entry points remain remarkably consistent:

• Misconfigurations
• Stolen credentials
• Excessive privileges

The encouraging news: only about 2% of known vulnerabilities are actually part of critical attack paths. Organizations that consistently identify and remediate these exposures can reduce their overall cyber risk disproportionately.

This aligns with Gartner's prediction that organizations adopting Continuous Threat Exposure Management (CTEM) will experience at least 50% fewer successful cyberattacks by 2028.

Sven Kirchmayer, Principal Solution Architect | Elastic

The biggest challenge in modern cybersecurity isn't a lack of data. It's a lack of visibility.

Sven Kirchmayer explained that security data is often spread across 60 to 80 different tools. The result: organizations see countless individual events but struggle to connect them into a clear, actionable picture.

This is where true resilience is put to the test.

The cycle is simple: See. Understand. Act.

In practice, the breakdown usually happens between seeing what's happening and understanding what it actually means. That's where organizations lose valuable hours, sometimes even days.

The numbers put the challenge into perspective:

• On average, it takes 241 days to detect and contain a cyberattack.
• If an attack remains undetected for more than 200 days, the average additional cost is $1.88 million.
• For larger organizations, one hour of IT downtime can result in losses of more than $300,000.

Another strategic consideration is where this data is processed. Elastic can run on premises, in any public cloud, or on European cloud infrastructure, giving organizations full control over where their data resides and how it is managed.

Andreas Höllrigl | STACKIT (Schwarz Digits)

Andreas Höllrigl emphasized that digital sovereignty is no longer just an IT topic. It's a strategic business decision that directly impacts an organization's ability to act. The freedom to switch providers when needed creates real negotiating power, making decisions about where data is stored and processed a matter for executive leadership.

For years, many organizations justified their dependence on non-European hyperscalers by pointing to a lack of viable alternatives. That argument is becoming increasingly difficult to defend.

The European Union is investing heavily in its own digital infrastructure while advancing initiatives such as the European Chips Act and broader technology sovereignty programs to strengthen Europe's digital independence.

One visible example is STACKIT. The company has been selected by the European Commission as one of four providers for sovereign cloud services and has also been approved by the Dutch government as an official cloud alternative.

Executive Roundtable
Moderated by Christopher Anderlik | EBCONT

With Jürgen Heschl (Red Bull), Oliver Monari (Austrian Post), Stefan Höller (St. Vinzenz Group), and Michael Fürlinger (Gartner KG)

The event concluded with an executive roundtable that brought together practical perspectives from different industries. Rather than focusing on theory, the discussion centered on real-world experiences and lessons learned.

One message quickly became clear: resilience doesn't mean preventing every disruption.

Not every incident requires maximum escalation. In some cases, an application can be unavailable without putting the entire organization at risk. The real challenge is knowing what matters most, setting the right priorities, and staying calm under pressure.

The same principle applies to cybersecurity as it does in everyday life: locking your front door won't stop every burglar, but it makes opportunistic attacks much less likely. For organizations, that means consistently addressing known vulnerabilities and eliminating the most obvious attack paths first.

The logistics perspective reinforced this idea. Traffic jams, supply chain delays, and unexpected disruptions are part of daily business. Resilient organizations aren't defined by the absence of problems, but by how quickly they adapt and recover.

The discussion also highlighted the value of short decision-making paths. Family-owned businesses, for example, can often respond especially quickly during a crisis. One example shared was the rapid setup of a COVID testing center, made possible by pragmatic decisions and the ability to adapt without delay.

The roundtable concluded with a simple but powerful takeaway:

Resilience isn't about making sure nothing ever goes wrong. It's about being prepared, focusing on what matters most, and staying capable of acting when it matters most.

We're happy to share the presentation materials upon request.

If you're interested, feel free to reach out to Christopher Anderlik.