In today’s hyperconnected world where cyber attackers seek to do harm 24x7, organizations face unpredictable and constantly evolving threats – from phishing to ransomware. Cyber security requirements can be hard to understand and remaining compliant can be challenging. Increasingly, ‘resilience’ is the north star that Security teams strive for, but what does it mean to be resilient? And what can we learn from bad actors, who seemingly remain one step ahead of our security programs and the security industry.