What is Cyber Resilience?
Cyber Resilience is the ability to repel cyber-attacks while protecting critical business assets, rapidly adapting and responding to business disruptions and maintaining continuous business operations.
Cyber Resilience can be achieved by developing a strategy based on internationally recognised best practice (ISO 27001 and ISO 22301 standards), building skills and competencies and leveraging industry leading expertise, tools and publications to drive implementation across the organisation.
Steps to addressing Cyber Resilience:
Develop the skills, knowledge and competency required for you and your team to plan and deliver effective cyber resilience to your organisation.
Leverage industry-leading tools and information across ISO 27001, ISO 22301 and others that apply to building a Cyber Resilience strategy.
Utilize international standards and technical resources including the ISO 27001 and ISO 22301 standards, risk assessment software and data encryption tools.
Use our cyber resilience healthcheck service to detect and manage the cyber risks that threaten your business.
How to achieve Cyber Resilience:
Cyber resilience is an essential requirement for the survival and growth of all private and public sector organisations worldwide. With a growing dependency on internet services to provide a platform for communications and software applications, all organisations face significant and constant risks from the threats of ‘cyber attack’. How quickly could your organisation recover from a cyber-attack? With highly frequent and highly damaging cyber attacks becoming the norm, can your existing information security measures and business continuity/DR activities provide the business resilience that your directors demand?
Cyber Resilience is defined as:
“the ability to repel cyber attacks while protecting critical business assets and rapidly adapting and responding to business disruptions and maintaining continuous business operations.”
Alan Calder, Oil & Gas Cyber Security Conference, 25th Nov 2013
Effective cyber resilience depends on co-ordinated, integrated preparations for rebuffing, responding to and recovering from a wide range of possible attacks and disruptive events. An information security plan alone is not enough, and neither is a business continuity plan alone: a fully integrated cyber resilience plan and tactics are a mandatory requirement for every organisation.
IT Governance has outlined a 7-Step Guide to the development of an effective Cyber Resilience strategy that includes the following recommended activities:
Perform an integrated risk assessment and business impact analysis
Secure the cyber perimeter (fixed, mobile, digital, physical)
Implement effective security controls
Implement and integrate a ‘cyber resilience management system’ based on ISO 27001 and ISO 22301
Train all staff in the relevant skills, competence and awareness
Develop and test an incident response & escalation plan
Comprehensively test Recovery Time Objective (RTO) capability
Find out more about these 7 steps by attending our free webinar, "Cyber resilience: the new normal", and by downloading our free Green Paper.
Cyber-Resilience can be achieved by developing a strategy based on internationally recognised best practice, building skills and competencies and leveraging industry leading expertise, tools and publications to drive implementation across the organisation.
Internationally recognised best practice includes: