Cybersecurity is changing its focus.

Increasingly, it is less about defence and more about resilience.

Organisations have to be able to withstand and recover from an attack. It's no longer about preventing breaches: the sheer volume of cyberattacks means that is no longer possible.

Instead, security teams and boards should assume an attack will happen, prepare keep the organisation operating during an incident, and aim to recover as quickly as possible.

Our guest is James Blake, VP of global cyber resilency strategy and consulting services at Cohesity.

He argues that this means integrating  business continuity and disaster recovery with cybersecurity. And organisations should rehearse for cyber incidents, training staff to operate under what can be extreme pressure.

A good playbook, Blake suggests, is not enough.

Interview by Stephen Pritchard.