Cyber-resilience is an emerging concept which acknowledges that security breaches will happen. However, it is the resilience of an organisation in identifying and responding to security breaches that will become a critical survival trait.
Alan Calder, CEO of IT Governance, says, “Cyber attacks will happen and cyber criminals are not going to go away. It’s not a question of ‘if’, but ‘when’ you will be attacked. Cyber-resilience means that an organisation's systems and processes are resilient against outside attack or natural disaster. It is also a key principle underlining the ISO22301 and ISO27001 standards.”
Business Continuity Management (BCM) and Disaster Recovery Planning (DRP) are essential components of building robust cyber-resilience. In order to ensure that an organisation’s IT systems and processes are resilient against natural disaster, an organisation needs to develop a Business Continuity Management System that can be integrated with its Information Security Management System to achieve real cyber-resilience.
The following books on business continuity are an excellent starting point for anyone looking to improve the cyber-resilience of their organisation.