IT Governance, the fast-growing cyber security provider, is warning organisations that cyber resilience is to replace cyber security in the years to come. Savvy bosses will acknowledge that it is not a matter of whether their defences will be breached, but when, and put a cyber resilient strategy in place.
Alan Calder, Founder and Executive Chairman of IT Governance, says, “There is an increasing need to improve resilience, rather than security alone. This has to be driven by the boardroom – companies’ directors have to be paying more attention to cyber attacks and be held responsible. If they don’t, they may risk finding themselves in the unenviable position of Target’s CEO, who had to resign following a massive data breach.”
In recognition of the fact that cyber security is no longer sufficient to ensure business sustainability, organisations must put measures in place to respond to and recover from cyber attacks. International standards will play a key role in maintaining cyber resilience in the future.
Apart from putting controls in place to protect their information assets, organisations will need to improve their business continuity management to ensure that if they are breached they can recover quickly and, importantly, avoid devastating financial losses.
The Cost of Data Breach Study: Global Analysis 2014 survey carried out by IBM and the Ponemon Institute provides evidence that business continuity management reduces the cost of a breach. The research revealed that having business continuity management involved in the remediation of the breach can reduce the cost by an average of $8.98 per compromised record.
Cyber resilience can be achieved using best practice guidance provided by the international information security standard, ISO27001, and the business continuity standard, ISO22301.
More information on cyber resilience and useful resources to implement an integrated strategy are available from IT Governance at: www.itgovernance.co.uk/cyber-resilience.aspx