Cyber resilience is organizational readiness and ability to prepare for, respond to and recover from cyber attacks.

It has emerged over the past few years, because traditional cyber security measures, are no longer enough, to protect organizations from the spate of persistent attacks.

Cyber Resilience is important because traditional cyber security measures are no longer enough to ensure adequate organizational information security, data security, and network security. Today, it’s as important for organizations to be capable, to respond to and recover from security breaches, as it is to be capable to prevent them.

VP – Cyber Security, CERN

According to Mimecast’s The State of Email Security Report 2020, 31% of organizations experienced data loss due to lack of cyber resilience preparedness.

Cyber resilience helps an organization protect against cyber risks, defend against and limit the severity of attacks, and ensure its continued survival despite an attack.

Cyber AI Security

The IT Governance Cyber Security Resilience Framework recommends a four-part approach to cyber resilience:

The first element of a cyber resilience program involves being able to identify, assess and manage the risks associated with network and information systems, including those across the supply chain.

It also requires the protection of information and systems from cyber attacks, system failures and unauthorized access. 

• Malware protection 
• Information and security policies 
• The formal information security management program 
• Identity and access control 
• Security teams’ competence and regular training
• Security staff awareness training 
• Encryption 
• Physical and environmental security 
• Patch management 
• Network and communications security 
• Systems security 
• Asset management   
• Supply chain risk management

The second element of a cyber resilience program depends on continual monitoring of network and information systems to detect anomalies and potential cyber security incidents before they can cause any significant damage.

• Security monitoring 
• Active detection

Implementing an incident response management program and measures to ensure business continuity will help you continue to operate even if you have been hit by a cyber attack, and get back to business as usual as quickly and efficiently as possible.

• Incident response management 
• ICT continuity management  
• Business continuity management  
• Information sharing and collaboration

The final element is to ensure that your program is overseen from the top of the organization and built into business as usual. Over time, it should align more and more closely with your wider business objectives.

• A comprehensive risk management program 
• The continual improvement process 
• Governance structure and processes 
• Board-level commitment and involvement 
• Internal audit 
• External certification/validation

A cyber-resilient posture helps you to:

• Reduce financial losses;
• Meet legal and regulatory requirements: regulations such as the NIS (Network and Information Systems) Regulations and the GDPR (General Data Protection Regulation) call for improved incident response management and, in some cases, business continuity management;
• Improve your culture and internal processes; and
• Protect your brand and reputation.