Managing the Dynamic Nature of Cyber Security


We observe an increasing number of cyber-attacks across the globe. Recent data breaches indicate that organizations continue to remain susceptible to cyber-attacks.

To give organizations tools to lower their cyber risk, Dr. Sander Zeijlemaker has announced the release of his first published book, Managing the Dynamic Nature of Cyber Security: A future-proof strategy, this is how it works.

Dr. Sander Zeijlemaker explains how forward-looking simulation techniques can augment current decision-making practices to govern cyber risk and define solid security strategies.


Everyone can be susceptible to a cyber-attack. Currently, organizations use a variety of decision support tools to manage their cyber risk; these include risk assessment, security standard benchmarks, or post-mortem analysis after an incident. Recent cyber security incidents like solar winds, colonial pipeline or Kasaya VSA show that the defender is lacking behind the adversary. It is time for new approaches to manage cyber risks.

Dr. Sander Zeijlemaker RA RE CISA CISM SCF has founded such an approach grounded in scientific research. In this, he uses computational simulation techniques to mimic the real-life organizational environment. This ensures that the actual consequences of the intended security strategies become transparent for the decision-makers. Zeijlemaker has recently been appointed as research affiliate at the prestigious American MIT CAMS in Boston for his research focus on the dynamic nature of cyber risk management.


Currently, many organizations react after the fact. This means that their security strategy improves after the next attack. This is a very costly approach because organizations pay for resolving the breach, and the consequences of the breach as well as the upgrade for the defence strategy.

‘If companies want to more efficiently limit the risks of cyberattacks, they should invest smarter rather than more,’ says Zeijlemaker. ‘Business leaders and executives need to have a deeper understanding about the dynamic nature of cyber and how it affects business performance, operations, IT, risk, and finance.’

Based on Zeijlemaker’s approach, in which these effects become visible, management can assess whether the effectiveness of the cyber risk management strategy meets the organization’s needs before it is implemented.


Worldwide, attention is being drawn to new approaches to cyber security. Recently, National Cyber Director Chris Inglis said at cyber summit hosted by the Information Technology Industry Council that the administration and federal agencies should prioritize transforming the way they approach and invest in cybersecurity, as previous efforts have ‘not worked’.