, the global leader in cyber security and ISO 27001 expertise, is advising organisations to become ‘cyber resilient’, not just ‘cyber secure’ in 2014.
As the probability of a successful cyber attack increases, there will be a growing need for professionals who possess combined knowledge of cyber security and business continuity management. These skills will enable them to ensure the security of an organisation’s systems and make effective action plans when cyber breaches occur.
strategy will enable organisations to repel cyber attacks whilst protecting critical business assets, rapidly adapting and responding to business disruptions and maintaining continuous business operations. It can be achieved by developing a strategy based on internationally recognised best practice, building skills and competencies, and leveraging industry-leading expertise, tools and publications to drive implementation across the organisation.
Two international standards provide the main guidance organisations need in order to achieve cyber resilience:
ISO 27001, which details the implementation of an information security management system (ISMS); and
ISO 22301, which details the implementation of a business continuity management system (BCMS).
IT Governance recommends the following tools for anyone looking to implement a cyber resilient strategy:
Cyber Security Self-Assessment Tool
This tool will help you establish how cyber secure you are and will make suggestions to help you plug the gaps.
The Case for ISO27001 (2013) Second Edition
This book demonstrates the business case for implementing an information security system based on ISO27001, and includes the key features of business continuity in the context of cyber security breaches.
A Manager’s Guide to ISO22301
This book includes practical, detailed guidance on developing and implementing a business continuity management system (BCMS) certifiable to the ISO 22301 standard, using detailed and illustrative examples. If you already use ISO 27001, you need to add ISO 22301 to your system to become cyber resilient.
Cyber Resilience Implementation Suite
This suite includes two documentation toolkits and four eBooks full of expert advice. It contains everything you need to set up a combined information security and business continuity management system to fend off cyber attacks and minimise the damage a successful attack will cause.
If you are looking to take your cyber resilience knowledge a step further, refer to the Effective Cyber Resilience Training here: http://www.itgovernance.co.uk/cyber-resilience-training.aspx