S911 Cyber Resilience Enabling Organizations to Identify, Protect, Detect, Respond, Recover, and Govern
Cyber resilience is an organization's readiness and ability to prepare for, respond to, and recover from cyber attacks.
It has emerged over the past few years because traditional cyber security measures are no longer enough to protect organizations from the spate of persistent attacks.
Cyber resilience is important because traditional cyber security measures are no longer enough to ensure adequate organizational information security, data security, and network security. Today, it’s as important for organizations to be able to respond to and recover from security breaches as it is to be able to prevent them.
VP – Cyber Security, CERN
According to Mimecast’s The State of Email Security Report 2020, 31% of organizations experienced data loss due to lack of cyber resilience preparedness.
Cyber resilience helps an organization protect against cyber risks, defend against and limit the severity of attacks, and ensure its continued survival despite an attack.
The Four Elements of S911 Cyber Resilience
The IT Governance Cyber Security Resilience Framework recommends a four-part approach to cyber resilience:
S911 Cyber Resilience Capabilities
Manage and Protect
First element
The first element of a cyber resilience program involves being able to identify, assess and manage the risks associated with network and information systems, including those across the supply chain.
It also requires the protection of information and systems from cyber attacks, system failures and unauthorized access.
This stage should cover:
- Malware protection
- Information and security policies
- The formal information security management program
- Identity and access control
- Security teams’ competence and regular training
- Security staff awareness training
- Encryption
- Physical and environmental security
- Patch management
- Network and communications security
- Systems security
- Asset management
- Supply chain risk management
Identify and Detect
Second element
The second element of a cyber resilience program depends on continual monitoring of network and information systems to detect anomalies and potential cyber security incidents before they can cause any significant damage.
This stage should cover:
- Security monitoring
- Active detection
Respond and Recover
Third element
Implementing an incident response management program and measures to ensure business continuity will help you continue to operate even if you have been hit by a cyber attack, and get back to business as usual as quickly and efficiently as possible.
This stage should cover:
- Incident response management
- ICT continuity management
- Business continuity management
- Information sharing and collaboration
Govern and Assure
Fourth element
The final element is to ensure that your program is overseen from the top of the organization and built into business as usual. Over time, it should align more and more closely with your wider business objectives.
This stage should cover:
- A comprehensive risk management program
- The continual improvement process
- Governance structure and processes
- Board-level commitment and involvement
- Internal audit
- External certification/validation
The Benefits of S911 Cyber Resilience
A cyber-resilient posture helps you to:
- Reduce financial losses;
- Meet legal and regulatory requirements: regulations such as the NIS (Network and Information Systems) Regulations and the GDPR (General Data Protection Regulation) call for improved incident response management and, in some cases, business continuity management;
- Improve your culture and internal processes; and
- Protect your brand and reputation.