Cyber-resilience is crucial for businesses to minimize the impact of cyber incidents on their primary goals and objectives.
It involves anticipating, withstanding, recovering from, and adapting to adverse cyber conditions, according to the WEF and NIST.
However, implementing a cyber-resilience strategy poses challenges; only 2% of companies can recover from a cyberattack within 24 hours.
Key components include leadership, governance, risk, compliance, people, culture, business processes, technical systems, crisis management, and ecosystem engagement.
Commonly implemented measures include backup tools, MFA, and formal response plans, but challenges remain in defining metrics, changing company culture, and securing the supply chain.
Implementing cyber-resilience requires board-level support, collaboration between the CIO and CISO, and allocation of up to 20% of the cybersecurity budget to resilience projects.
The core cyber-resilience team should be cross-functional, have the necessary authority, and bring in external experts when needed.
Cyber-resilience is an ongoing iterative process that spans the entire organization and requires a combination of technical and organizational efforts.
Experts stress that cyber-resilience is not a project with an endpoint but a continual process that involves multiple phases.
Implementation involves detailed asset inventory, risk prioritization, role definition, incident playbook development, and extensive staff training.