In the simplest of terms, cyber resilience is the ability to prepare for, respond to and recover from cyber attacks. It is an indicator of how well an organization can operate following a data breach or cyber attack. Much of the time, IT leaders have put security measures in place to pre-empt, detect and stop attacks, and have a recovery plan in place in case an attack succeeds. But how well do organizations keep critical business functions other than IT going?
Possessing cyber resilience means you have made a direct move from the traditional concept of cybersecurity to a holistic view of the business. In short, it helps organizations protect against cyber risks, defend against and limit the severity of attacks, and ensure survival.
The framework for success
Stage one – manage risk and protect information
This starts with being able to identify, assess and manage the risks lurking within your network and information systems. Protecting these assets from cyber attack and unauthorized access is also required. This stage requires an understanding of your business and where its most critical value lies, and specifically which systems that value depends on. This enables you to pinpoint what could hurt the business most.
It applies to:
- Information and security policies
- Information security management protocol
- Identity and access control
- Patch management
- Network and communications security
- Encryption
- Malware protection
- Physical and environmental security
- Security staff awareness training
- Asset management
- Supply chain risk management
Stage two – detect and monitor
The second element of a successful cyber resilience framework relies on continuously monitoring the network and information systems for potential cybersecurity incidents before they can have a serious impact.
It applies to:
- Security monitoring
- Active detection
Stage three – response and recovery
This stage requires implementing an incident response management program and a business continuity plan (BCP). This enables you to operate the business as close to usual as possible regardless of a data breach or cyber attack. Having a business-minded attitude towards backups can help guide recovery, as it helps discern what the cost of a breach is and which parts of a system to repair or remove.
It applies to:
- Incident response management
- Information sharing and collaboration
- Business continuity management
- ICT continuity management
Stage four – governance
The final stage for implementing a successful cyber resilience state of mind is ensuring the program is endorsed from the business leaders downwards. When the key players within the organization are invested in this, the likelihood of instilling resilience into daily practices is greater. It enables the whole organization to build resilience and become accountable.
It applies to:
- Board-level commitment and governance structure
- Commitment to a continual improvement process
- Internal audits and cyber resilience health checks
- Application of a risk management program
The benefits of a cyber resilience strategy are clear and far-ranging, from mitigating financial losses to streamlining internal procedures and practices. The most formal result is meeting compliance requirements such as CCPA and GDPR.