Business Continuity Awareness Week 2017: Cyber Resilience
May 3, 2017 - This year Business Continuity Awareness Week occurs between March 15 and 19, and the theme is cyber resilience. The BCI's Cyber Resilience Report revealed that two-thirds of organizations had experienced at least one cyber security incident during the previous year, and 15% had experienced at least ten. So this week we'll focus on cyber resilience so you can think what you will do to raise awareness of business continuity and the importance of cyber resilience? (Item #6 has a link to download posters to display throughout your workplace.)
The CRR is a no-cost, voluntary, non-technical assessment to evaluate an organization's operational resilience and cybersecurity practices. The CRR may be conducted as a self-assessment or as an on-site assessment facilitated by DHS cybersecurity professionals. The CRR assesses enterprise programs and practices across a range of ten domains including risk management, incident management, service continuity, and others. The assessment is designed to measure existing organizational resilience as well as provide a gap analysis for improvement based on recognized best practices.
Cyber attacks are draining bottom lines, with the average cost of a data breach now totaling $4 million. That's why cyber resilience is so critical for organizations today. Cisco defines cyber resilience as the ability to prepare for and adapt to changing threat conditions while withstanding and rapidly recovering from attacks to infrastructure availability. It is largely about managing risk - identifying events that might happen; assessing how likely they are to happen and the impact they could make; and deciding what actions to take.
Gone are the days where you could go out and spend your annual security budget on a set of brightly coloured firewalls that look good in racks. Here are the days where you have to satisfy yourself that all this kit you bought does what it says on the tin. What might come as a surprise is that all the data sheets that were shoved down your throats when buying defensive equipment do not reflect how it operates in the real world.
Most legal practices have yet to get to grips with the idea of "cyber resilience" but it is a strength that they urgently need to acquire now. Only then can a legal practice develop and deliver new IT-supported service propositions that can add significant value to services for clients, introducers and business partners.
Cyber resilience and cyber risk management are critical challenges for most organizations today. Leaders increasingly recognize that the profound reputational and existential nature of these risks mean that responsibility for managing them sits at the board and top level executive teams. This report, which is the product of an extensive process of co-collaboration and consultation, has distilled leading practice into a framework and set of tools that boards of directors can use to smoothly integrate cyber risk and resilience into business strategy so that their companies can innovate and grow securely and sustainably.
Cyber security is everyone's responsibility, not just those in the IT department. We all have a role to play in building resilient organizations whether it is ensuring that we have a secure, safe password, or whether it is making ourselves more aware of the potential risks. To help you in promoting this theme, the Business Continuity Institute has created six posters that make the statement above, offering ideas on what individuals can do to play their part.
Copyright (C) 2017 Attainium Corp - All rights reserved.