Cyber Resilience
Think18
Felicity March
2018 IBM Corporation
Cyber Resilience

Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity during and after a cyber attack. Cyber Resilience needs an end-to-end approach that brings together critical areas to ensure organisations continue to function during cyber attacks and cyber outages.

Cyber Security: Cyber security is designed to protect systems, networks and data from cyber crime. Effective cyber security reduces the risk of a cyber attack and protects organisations from the deliberate exploitation of their assets.

Business Continuity: Business continuity provides the capability to resume operations when an event causes a service disruption. Plans for business continuity address natural catastrophes, accidents and deliberate physical attacks; but now they must also support resumption of operations following cyber attack disruptions.
As a result of these new attacks, board leaders ranked cyberattacks in the top 5 Global Risks at the World Economic Forum in Davos, Switzerland, in 2018: Global Risks that have a macro impact across sectors. Boards across the globe need to consider how key business parameters will be influenced by these risks in view of the mitigations implemented. In terms of preparedness, cyberattacks present a significant opportunity to de-risk the business. However, a coherent strategy and understanding of the underlying issues is lacking, as the impact is not fully understood at Board level.

Business Impact: 4.8-15% stock value erosion post cyberattack / data breach (*)
Sources: World Economic Forum, 2018; Cyber Value Connection
The Cyber Resilient Organisation

Stance on Cyber Resilience: only 43% improved in the past 12 months.

Barriers to Cyber Resilience:
- Lack of investment: 60%
- Inability to hire skills: 56%
- Lack of visibility into assets: 46%
- Lack of end-user training: 31%
- Lack of training and certification for IT staff: 28%
- Silo and turf issues: 24%
- Lack of information governance practices: 22%
- Lack of Board reporting: 17%
- Lack of C-level buy-in: 15%

Business Owner: who has overall responsibility for directing an organisation's efforts to ensure a high level of cyber resilience?
- CIO: 23%
- BU Leader: 22%
- CISO: 14%
- No one person: 11%
- BC Manager: 8%
- CRO: 7%
- CEO: 7%
- CTO: 6%
Cyber resilience is a team sport

Based on the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity: https://www.nist.gov/cyberframework

Identify your risks
- Identify key assets, systems and data
- Assess your cyber resiliency readiness, process and posture
- Define a roadmap and action plan to build or improve your cyber resilience plan (*)

Protect your assets against attacks by discovering vulnerabilities before they are exploited
- Awareness and training
- Access control
- Discover and patch systems
- Automatically fix vulnerabilities
- Zero Trust as a guiding principle of your network policy

Detect threat activity with advanced analytics
- See attacks across the enterprise
- Investigate active threats from inside and outside the enterprise
- Cognitive analysis and automation

Respond with a plan
- Response planning and orchestration
- Engage cyber incident responders, leveraging threat intelligence to repel the attackers
- Remediate the attack damage by restoring systems and closing vulnerabilities

Recover normal operations
- Orchestrate and automate your recovery workflow
- Rebuild mission-critical business applications
- Restore data from backup
- Prioritise network resources to speed recovery
Cyber Resilience combines multiple IT disciplines

Cyber Resiliency Organization dimensions: Technology, Environment, IT Risk, Organisational Management

Disciplines:
- Information Security Management
- Resilience
- Data Security
- IT Risk Management
- Information Protection
- Threat & Vulnerability Management
- Business Continuity Management
- Network Security
- Policy & Governance
- IT Service Continuity Management
- Cyber Resiliency Program
- Asset Management
- Identity & Access Management
- Change & Config Management
- Event & Incident Response
- Collaboration & Communication
- Disaster Recovery Management
- Partner Eco System
- Training & Awareness
Cyber Resiliency Assessment
- Do you have one defined leader who is responsible for switch-over and fail-over?
- Does your CISO work hand in hand with your Disaster Recovery Manager and Business Continuity Manager?
- Does your backup strategy include point-in-time copies, air-gapped and WORM storage, forensic analysis and continuous switch-over testing?
- Does your Disaster Recovery Plan get tested regularly, including your supply chain?
- Do you run your production environment from your DR environment on a regular basis?
- Is resilience at the core of your architectural design principles?
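The Recover step on the earlier slide and the backup-strategy question above both hinge on one decision: which point-in-time copy to restore from. The following drill, an added example written for this page and not code from the IBM deck, selects the latest copy taken before the compromise whose content still matches the digest recorded at backup time (the manifest stands in for a catalogue held on WORM storage) and reports the achieved recovery point objective (RPO) against target. The snapshot contents, timestamps, the 1 March ransomware time and the restore rate are all constructed for illustration.

```python
"""Recovery drill for point-in-time copies (added example, not IBM's code).

Picks the latest copy taken before the compromise whose content still matches
the digest recorded when the copy was written, then reports achieved RPO and an
RTO estimate. Every snapshot, timestamp and rate below is constructed.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
import hashlib


@dataclass(frozen=True)
class Snapshot:
    taken_at: datetime
    data: bytes        # stand-in for the copied volume
    immutable: bool    # held on WORM or air-gapped storage


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_manifest(snapshots):
    """Digest of each copy, recorded at backup time. In production this record
    must itself sit on write-once storage, otherwise an attacker who reaches the
    backup host can rewrite copy and catalogue together."""
    return {s.taken_at: digest(s.data) for s in snapshots}


def select_clean_copy(snapshots, manifest, compromise_at):
    """Latest copy taken before the compromise whose content matches the manifest."""
    candidates = [
        s for s in snapshots
        if s.taken_at < compromise_at and manifest.get(s.taken_at) == digest(s.data)
    ]
    return max(candidates, key=lambda s: s.taken_at, default=None)


def run_drill(snapshots, manifest, compromise_at, rpo_target_hours, restore_rate_bps):
    """Report the recovery point actually reachable and whether it meets target."""
    chosen = select_clean_copy(snapshots, manifest, compromise_at)
    if chosen is None:
        return {"recoverable": False}
    rpo = compromise_at - chosen.taken_at
    rpo_hours = rpo.total_seconds() / 3600
    # Crude RTO estimate: bytes to restore at the measured restore throughput.
    rto_estimate = timedelta(seconds=len(chosen.data) / restore_rate_bps)
    return {
        "recoverable": True,
        "recovery_point": chosen.taken_at,
        "rpo_hours": rpo_hours,
        "rpo_met": rpo_hours <= rpo_target_hours,
        "rto_estimate": rto_estimate,
        "from_immutable_copy": chosen.immutable,
    }


# --- constructed scenario ---------------------------------------------------
CLEAN = b"ledger-v42:" + bytes(range(256)) * 4      # pretend volume contents
T0 = datetime(2018, 2, 26, 2, 0)                    # nightly copies at 02:00


def _copy(day_offset, immutable, data=CLEAN):
    return Snapshot(T0 + timedelta(days=day_offset), data, immutable)


# Three copies on WORM storage, the most recent one on ordinary online disk.
AS_WRITTEN = [_copy(0, True), _copy(1, True), _copy(2, True), _copy(3, False)]
MANIFEST = build_manifest(AS_WRITTEN)

# Ransomware runs on 1 March at 10:00 and also encrypts the online copy, so its
# content no longer matches the manifest; the WORM copies are untouched.
COMPROMISE_AT = datetime(2018, 3, 1, 10, 0)
ENCRYPTED = bytes(b ^ 0x5A for b in CLEAN)
AFTER_ATTACK = AS_WRITTEN[:3] + [_copy(3, False, ENCRYPTED)]

if __name__ == "__main__":
    print(run_drill(AFTER_ATTACK, MANIFEST, COMPROMISE_AT,
                    rpo_target_hours=24, restore_rate_bps=1024))
```

Run as a script, the online copy from 1 March is rejected because the ransomware rewrote it, so recovery falls back to the 28 February WORM copy: a 32-hour RPO against a 24-hour target. Surfacing that gap before an incident, rather than during one, is what the continuous switch-over testing in the question above is for.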
Thank You
FelicityMarch@UK.IBM.COM