Interested in hearing how folks define “cyber resilience” for their current org – is it mainly about minimizing risk/potential losses for you, minimizing MTTR, or something else altogether?
Director of IT in Education, a year ago
From a high-level perspective, I look at cyber resilience through the lens of three lines of defense: management controls, risk management, and internal audit. Management controls must include the monitoring process (the NIST Cybersecurity Framework: Identify, Protect, Detect, Respond and Recover). Risk management aggregates risks across the entire organization and prioritizes them. The third line of defense is internal/external audits, which provide independent assurance that evaluates the overall process of cyber risk governance (resilience) for the entire organization. It ensures that the organization's internal control framework is adequate for dealing with the risks the organization faces.
Head of Cyber Security in Manufacturing, a year ago
The biggest risk reduction you get is from cyber hygiene/life cycle management, mixed with strong identity and SSE for prevention/redirection to official acceptable tools, sandboxing in all file transfer/sharing tools, plus EDR/MDR.
Senior Information Security Manager in Software, a year ago
Cyber resilience is just a fancy way of saying DR/BCP. It is defined as: the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.
So it is just a matter of building IT systems so they can deal with things like downtime, ransomware, natural disasters, hardware/software failures and more.
Director of IT in Education, a year ago
NIST - The ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.
Source(s):
NIST SP 800-172
Director of Network Transformation, a year ago
Good question. I'm leading a discussion on this topic tonight here in Portland, Oregon. To me it is about putting together the foundations of a long-term security program from a 360-degree perspective. Understand the business, learn how a $ is made, determine what you must protect and then create a program based on that. If you don't really know what to protect, how can you recover? And are you protecting/recovering the right part of the business? All that said, it will be interesting to see what the group has to say.
Director of IT in Education, a year ago
I agree, and your program must involve categorization of your systems based on their information types and information systems, and allocate appropriate protection according to the system's assigned category (low, moderate, high).
CISO in Healthcare and Biotech, a year ago
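As an added illustration of the categorization step described in the comment above (example code written for this page, not the commenter's own tooling or any official NIST utility), the following Python applies the FIPS 199 "high water mark" rule: a system's impact level for each security objective is the highest level among the information types it handles, and its overall category is the highest of the three objectives. The information types, the sample student-records system and the control sets mapped to each category are constructed for illustration only.

```python
# Added example: FIPS 199 style high-water-mark categorization of an
# information system from the information types it carries.
from dataclasses import dataclass

# Impact levels in ascending order of severity.
LEVELS = {"low": 1, "moderate": 2, "high": 3}
NAMES = {v: k for k, v in LEVELS.items()}
OBJECTIVES = ("confidentiality", "integrity", "availability")


@dataclass(frozen=True)
class InfoType:
    """One information type with its provisional impact per objective."""
    name: str
    confidentiality: str
    integrity: str
    availability: str


def categorize_system(info_types):
    """Return (per-objective impact dict, overall system category).

    Per objective: the maximum impact across every information type on
    the system (a system is never protected below its most sensitive
    data). Overall: the maximum across the three objectives.
    """
    if not info_types:
        raise ValueError("a system must carry at least one information type")
    per_objective = {}
    for objective in OBJECTIVES:
        worst = 0
        for t in info_types:
            level = getattr(t, objective)
            if level not in LEVELS:
                raise ValueError(f"{t.name}: unknown {objective} level {level!r}")
            worst = max(worst, LEVELS[level])
        per_objective[objective] = NAMES[worst]
    overall = NAMES[max(LEVELS[v] for v in per_objective.values())]
    return per_objective, overall


# Constructed (hypothetical) control sets keyed by system category; a real
# program would map these to its chosen baseline (e.g. SP 800-53 L/M/H).
PROTECTION_BY_CATEGORY = {
    "low": ["MFA for administrators", "weekly backups", "quarterly patching"],
    "moderate": ["MFA for all users", "daily backups", "monthly patching",
                 "EDR on all hosts"],
    "high": ["MFA for all users", "daily immutable backups tested quarterly",
             "patching within 14 days", "EDR/MDR with 24x7 response",
             "documented recovery time objective"],
}


def required_protection(info_types):
    """Controls a system must receive, derived from its overall category."""
    _, overall = categorize_system(info_types)
    return overall, PROTECTION_BY_CATEGORY[overall]


# Constructed sample: a student information system in an education org.
STUDENT_SIS = [
    InfoType("public course catalog", "low", "low", "low"),
    InfoType("student grades", "moderate", "moderate", "low"),
    InfoType("financial aid records", "moderate", "high", "moderate"),
]

if __name__ == "__main__":
    per_objective, overall = categorize_system(STUDENT_SIS)
    print("per objective:", per_objective)
    print("overall category:", overall)
    print("required protection:", required_protection(STUDENT_SIS)[1])
```

The point of the high-water-mark rule is that one "high" information type (here the integrity of financial aid records) pulls the whole system to "high", so the recovery and protection investment follows the most sensitive data rather than the average.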
Cyber resilience is an organization's ability to resist, respond to, and recover from cyber threats and incidents, combining risk management, cybersecurity, business continuity, and organizational resilience. It's not only about preventing and defending against cyber attacks but also maintaining the integrity, confidentiality, and availability of data, as well as the capacity to minimize the impact of successful attacks, recover quickly, and adapt by learning from these incidents. Cyber resilience aims to ensure the continuity of operations and minimize disruption and damage to the organization's reputation.