Cyber Resilience

20 November 2025


What is cyber resilience?

Cyber resilience is the ability of an organisation to protect itself from, detect, respond to and recover from cyber attacks.

By being resilient, organisations can reduce the impact of an attack and ensure that they can continue to operate effectively.

How do you achieve cyber resilience?

There are a number of steps that organisations can take to improve their cyber resilience, including:

  1. Improving security: Organisations should improve their security measures to make it more difficult for attackers to gain access to their systems. This includes things like using strong passwords and two-factor authentication, and keeping software up to date.
  2. Detecting attacks: Organisations need to be able to detect attacks quickly so that they can rapidly respond and minimise the damage. This includes having systems in place to monitor for suspicious activity and training staff to spot the signs of an attack.
  3. Responding to attacks: Once an attack has been detected, organisations need to have a plan in place for how to respond to minimise the damage. This should include who to contact and what steps to take.
  4. Recovering from attacks: Once an attack has been successfully dealt with, organisations need to be able to recover their systems and data. This includes having backups in place and a plan for how to restore systems.

The four categories of cyber resilience

We recommend a four-part approach to cyber resilience:

1. Manage and protect

  • The first category of a cyber resilience programme involves being able to deploy risk-appropriate information security measures – relying on people, processes and technology – to protect the confidentiality, integrity and availability of your information assets, business processes and infrastructure.
  • It also requires the protection of information and systems from cyber attacks, system failures and unauthorised access.

This may cover:

  • Asset management
  • Information security policies
  • Physical and environmental security
  • Identity and access control
  • Malware protection
  • Configuration and patch management
  • Encryption
  • System security
  • Network and communications security
  • Security competence and training
  • Staff awareness training
  • Comprehensive risk management programme
  • Supply chain risk management

2. Identify and detect

  • The second category of a cyber resilience programme depends on continual monitoring of network and information systems to detect anomalies and potential cyber security incidents before they can cause any significant damage.

This may cover:

  • Threat and vulnerability intelligence
  • Security monitoring

3. Respond and recover

  • An incident response management programme and business continuity measures will help you keep operating even if you experience a cyber attack, and get back to business as usual as quickly as possible.

This may cover:

  • Incident response management
  • ICT continuity management
  • Business continuity management

4. Govern and assure

  • The final category is to ensure that your programme is overseen from the top of the organisation and built into business as usual. Over time, it should align more and more closely with your wider business objectives.

This may cover:

  • Formal information security management programme
  • Continual improvement process
  • Board-level commitment and involvement
  • Governance structure and processes
  • Internal audit
  • External certification/validation

The benefits of cyber resilience

Being cyber resilient helps you:

  • Reduce financial losses;
  • Meet legal and regulatory requirements;
  • Improve your security culture and internal processes; and
  • Protect your brand and reputation.

How we can help you develop cyber resilience

GRC Solutions is a global cyber risk and privacy management consultancy that helps businesses save money and reduce risk with solutions based on international best practice and frameworks.
