CN
Uploaded byChristian F. Nissen
PPTX, PDF1,750 views

Introduction to RESILIA and Cyber Resilience

The document discusses cyber resilience, which is the ability of an organization to prevent, detect, and recover from cyber incidents, emphasizing a holistic approach through the Resilia framework. It highlights the importance of understanding cyber threats, organizational maturity in managing risks, and adherence to best practices and standards for effective cyber resilience. Additional focus is given to the roles of governance, training, and the engagement of all organizational levels in cultivating a resilient cybersecurity culture.

Embed presentation

Downloaded 126 times
RESILIA and Cyber Resilience - Introduction Christian F. Nissen, CFN Consult RESILIATM, ITIL®, PRINCE2® MSP®, MoP® and MoV® are Registered Trade Marks of AXELOS in the United Kingdom and other countries COBIT® is a registered trademark of the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute (ITGI) TOGAFTM and IT4ITTM are trademarks of The Open Group SIAM® is a registered trademark of EXIN © 2018 of CFN Consult unless otherwise stated
2 Agenda 1. Cyber threats 2. Cyber Resilience 3. Cyber Resilience Lifecycle ❍ Strategy ❍ Design ❍ Transition ❍ Operation ❍ Continual Improvement 4. Segregation of duties and dual controls 5. Barriers to Cyber Resilience Agenda © 2018
Why bother? According to the ISACA’s January 2016 Cybersecurity Snapshot,  84 percent of respondents believe there is a medium to high likelihood of a cybersecurity attack disrupting critical infrastructure (e.g., electrical grid, water supply systems) this year.  20 percent of the respondents have experienced a ransomware incident  72 percent of respondents say they are in favor of the US Cybersecurity Act, but only 46% say their organizations would voluntarily participate in cyber threat information sharing, as outlined in the Act. 3 © 2018 Cyberthreats
Why bother? 4 © 2018 Cyberthreats Jim Baines, CEO of Baines Packaging Inc., a major US packaging company
Why bother? 5 © 2018 Cyberthreats
Best practices and standards Some standards and frameworks that can help organizations to manage cyber threats include:  NIST Framework for Improving Critical Infrastructure Cybersecurity - A US risk-based approach to managing cybersecurity risk.  Management of Risk (M_o_R) - Best practice for managing risk  ISO/IEC 27001 - International standard for information security management  ISO 31000 - International standard defining risk management principles and guidelines.  ISO 22301 - International standard for business continuity  COBIT 5 – Best practice for governance and management of enterprise IT.  ITIL – Best practice for IT service management  ISO/IEC 20000 - International standard for IT service management 6 © 2018 CyberResilience
Information Security versus Cyber Resilience The human factor ❍ Service value resides in information, technology, people and processes ❍ People and their behaviour cause most vulnerabilities ❍ Need to look beyond information security – to cyber resilience 7 © 2018 CyberResilience Information Tech- nology People Pro- cesses
Information Security versus Cyber Resilience Security is defined as ‘the state of being free from danger or threat’ and involves the protection (confidentiality, integrity, availability & non-repudiation) of what is important, often with more emphasis on prevention and less emphasis on recovery from an incident. However prevention alone is no longer a realistic strategy. Resilience is the ability of a system or component to resist an unplanned disturbance or failure, and to recover in a timely manner following any unplanned disturbance or failure. 8 © 2018 Resilience Security CyberResilience
What is Cyber Resilience?  Cyber resilience is the ability to prevent, detect, and correct (respond & recover) any impact that incidents have on the information required to do business.  Right balance between three types of control activity: 9 © 2018 CyberResilience Preventive Detective Corrective
What is RESILIA?  A best practice from Axelos released in 2015  A balanced and holistic approach to cyber resilience  The missing chapter in ITIL  Risk and control based  Lifecycle based 10 © 2018 CyberResilience https://www.axelos.com/resilia
What is RESILIA?  Risk-based 11 © 2018 Asset Vulnera- bility Threat CyberResilience
What is RESILIA?  Addressing risk 12 © 2018 CyberResilience
What is RESILIA? 13 © 2018 CyberResilience Best Practice Guide Core practical guidance for strategy, implementation and management: “what good looks like” Individual Awareness Learning & Know-how All staff across an organisation IT teams and data owners/managers Membership & CPD IT teams and data owners/managers Leader Engagement Leadership team across an organisation Management Pathway Tool Foundation & Practitioner Training
RESILIA Management Pathway Tool Method of assessing the maturity of cyber resilience in your organization ❍ Explore the RESILIA best practice guidance and understand how its processes and security controls apply to your organization. ❍ Evaluate your existing cyber resilience controls and processes to identify the critical gaps ❍ Map the necessary improvements you need to make to meet your desired level of cyber resilience maturity 14 © 2018 CyberResilience
RESILIA Leader Engagement Awareness products tools and guidance specifically designed to increase understanding, insight and action in the boardroom These include: ❍ Continuing professional development and learning for executive and non-executive directors ❍ Cyber boardroom simulations ❍ Cyber resilience risk management training for senior risk management decision makers. 15 © 2018 CyberResilience
RESILIA Awareness Learning 16 © 2018 CyberResilience Learning modules Phishing Social engineering Password safety Information handling Online safety Remote and mobile working Personal information Learning formats Games Simu- lations Videos eLear- ning Tests and refresh- ers Anima- tions
RESILIA Certification 17 © 2018 CyberResilience Cyber Resilience Foundation Cyber Resilience Practitioner Course structure Learning outcomes 3 day classroom course or 20 hours of distance learning, optional simulation to start course, Foundation certification multiple choice exam How decisions impact good/ bad Cyber Resilience Comprehensive approach across all areas How to make good Cyber Resilience an efficient part of business and operational management 2 day classroom course or 15 hours of distance learning, optional simulation to start course, Practitioner certification multiple choice exam, bundled with Foundation as a 5 day course What effective Cyber Resilience looks like Pitfalls, risk and issues that can easily hit Cyber Resilience Getting the best balance of risk, cost, benefits and flexibility within an organization
Positioning of RESILIA certification 18 © 2018 CyberResilience IT VENDORS- CISCO, MS, ORACLE etc ISC(2) CISSP CompTIA Security+ EC Council Ethical Hacker EC Council Certified Security Analyst CISM ISC(2) SSCP CLA S ISO27001 auditor CESG CCP CES G CCT ISACA Cybersecurity Fundamentals Certificate AXELOS RESILIA Practitioner AXELOS RESILIA Foundation BCS InfoSec Principles Key Grey = non-certification course Size of circle = course market share TECHNICAL FOCUS BUSINESS FOCUS GENERAL AUDIENCE NICHE AUDIENCE
RESILIA CPD scheme Continuing Professional Development (CPD): ❍ Coming in 2018 ❍ Completing a RESILIA qualification will earn 15 CPD points towards a professional membership ❍ A route to maintain your RESILIA qualification without re-sitting the exam 19 © 2018 CyberResilience
Who is RESILIA for? The Foundation and Practitioner certification is aimed at:  IT and security functions  Risk and compliance functions  Core business functions including HR, Finance, Procurement, Operations and Marketing. The awareness learning is for the entire organization. The leadership engagement delivers specialised training and learning for the leaders within an organization 20 © 2018 CyberResilience
RESILIA Key principles:  Clear understanding of what the organization’s critical assets are, especially information.  Clear view of the organization’s key threats and vulnerabilities arising from their environment, including their customers, partners, and supply chain.  Adoption of a common language used by all stakeholders in the organization.  Assessment of the organization’s cyber resilience maturity and design of appropriate, prioritized, and proportionate plans using best practice guidance.  An appropriate balance of controls to prevent, detect, and correct. 21 © 2018 CyberResilience
The Cyber Resilience Lifecycle 22 © 2018 CyberResilienceLifecycle Strategy
Cyber Resilience Strategy – Controls 23 © 2018 Controls for Cyber Resilience Strategy Establish governance of cyber resilience Vision and mission Governance roles Manage stakeholders Identifying and categorizing stakeholders Gathering stakeholder requirements Stakeholder communications Create and manage cyber resilience policies Cyber resilience policies Structure of the policies Management of the policies (Process) Manage cyber resilience audit and compliance Audit Compliance management CyberResilienceStrategy
Cyber Resilience Strategy - Processes Interaction of ITSM Processes with Cyber Resilience Activities:  Strategy management for IT services  Service portfolio management  Financial management for IT services  Demand management  Business relationship management 24 © 2018 CyberResilienceStrategy
Cyber Resilience Strategy - Processes  Example: Cyber Resilience Interfaces with Service Portfolio Management 25 © 2018 CyberResilienceStrategy
Cyber Resilience Design – Controls 26 © 2018 Controls for Cyber Resilience Design Human Resource Security Recruitment Pre-employment, employment, exit and termination Training & awareness System Acquisition, Development, Architecture, and Design Requirement analysis Architecture design and development Threat and vulnerability modelling Secure design and development Cyber resilience security testing Supplier and Third- Party Security Management Supply chain risk management Managing third-party risks Confidentiality and non-disclosure for suppliers Compliance and auditing of the supply chain Endpoint Security Data-in-transit Data-at-rest Cryptography . . . Business Continuity Management Business impact analysis CyberResilienceDesign
Cyber Resilience Design - Processes Interaction of ITSM Processes with Cyber Resilience Activities:  Design Coordination  Service Catalogue Management  Service Level Management  Availability Management  Capacity Management  IT Service Continuity Management  Supplier Management 27 © 2018 CyberResilienceDesign
Cyber Resilience Design - Processes  Example: Cyber Resilience Interfaces with IT Service Continuity Management 28 © 2018 CyberResilienceDesign
Cyber Resilience Transition – Controls 29 © 2018 Controls for Cyber Resilience Transition Asset management and configuration management Classification and handling Data transportation and removable media Change management Authorization, control and secure implementation Testing Code review Unit, system and integration testing Regression and user-acceptance testing Penetration testing Training Documentation management Information retention and disposal CyberResilienceTransition
Cyber Resilience Transition - Processes Interaction of ITSM Processes with Cyber Resilience Activities:  Transition planning and support  Change management  Service asset and configuration management  Release and deployment management  Service validation and testing  Change evaluation  Knowledge management  Management of organizational change 30 © 2018 CyberResilienceTransition
Cyber Resilience Transition - Processes  Example: Cyber Resilience Interfaces with Release and Deployment Management 31 © 2018 CyberResilienceTransition
Cyber Resilience Operation – Controls 32 © 2018 CyberResilienceOperation Controls for Cyber Resilience Operation Access control Logical access control Business requirements and access policy Authorization, registration and provisioning Identity verification . . . Network security management Network design for resilience Segmenting networks with firewalls Network switch and logical segmentation Detecting and preventing intrusions . . . Physical security Physical access control Perimeter security Visitor management Identity badges and passes . . . Operations security Documentation Operational activities Cyber resilience incident management Incident planning Incident reporting, logging and initial assessment Responding to the incident Containing the incident, eradicating and recovering Learning lessons
Cyber Resilience Operation - Processes Interaction of ITSM Processes with Cyber Resilience Activities:  Event management  Incident management  Request fulfilment  Problem management  Access management 33 © 2018 CyberResilienceOperation
Cyber Resilience Operation - Processes  Example: Cyber Resilience Interfaces with Event Management 34 © 2018 CyberResilienceOperation
Cyber Resilience Continual Improvement 35 © 2018 CRContinualImprovement Controls for Cyber Resilience Continual Improvement Cyber resilience audit and review Technology review and audit Policy Review Review of access rights Review of administrator and operator logs Monitor, review and audit of third parties Control assessment KPI's, Key Risk Indicators and benchmarking Business continuity improvements Learning from information security incidents Process improvement Remediation and improvement planning The remediation plan Implementing improvements
Cyber Resilience Continual Improvement Interaction of ITSM Processes with Cyber Resilience Activities:  The CSI approach  The seven-step improvement process 36 © 2018 CRContinualImprovement
Cyber Resilience Continual Improvement  Example: Cyber Resilience Interfaces with The Seven-Step Improvement Process 37 © 2018 CRContinualImprovement
Segregation of duties and dual controls Segregating Duties  Ensures that privileges and roles are separated so that they cannot be used to commit fraud.  Example: Segregating development and operations Dual Controls  A method used to control abuse of privileges.  Example: Encryption of information using two separate encryption keys, each key belonging to a different person 38 © 2018 CyberResilienceResponsibilities
Barriers to cyber resilience  Lack of awareness (board level down)  Silo thinking (“it’s an IT problem”)  Narrow focus on regulatory compliance, not risk  Confusion about what “good” looks like  Cyber resilience demands a “whole system” view (information, technology, people and processes) 39 © 2018 BarrierstoCyberResilience
Questions and comments 40 © 2018 Leavingthescene
Contact 41 Christian F. Nissen cfn@cfnconsult.dk +45 40 19 41 45 CFN Consult ApS Linde Allé 1 DK-2600 Glostrup CVR: 39 36 47 86 © 2018

More Related Content

PDF
OT Security Architecture & Resilience: Designing for Security Success
byaccenture
 
PPTX
Cyber Security roadmap.pptx
bySandeepK707540
 
PDF
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
byEdureka!
 
PDF
Governance of security operation centers
byBrencil Kaimba
 
PPTX
Iso iec 27001 foundation training course by interprom
byMart Rovers
 
PDF
Building a Next-Generation Security Operations Center (SOC)
bySqrrl
 
PPTX
Understanding cyber resilience
byChristophe Foulon, CISSP
 
PDF
Security architecture
byDuncan Unwin
 
OT Security Architecture & Resilience: Designing for Security Success
byaccenture
 
Cyber Security roadmap.pptx
bySandeepK707540
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
byEdureka!
 
Governance of security operation centers
byBrencil Kaimba
 
Iso iec 27001 foundation training course by interprom
byMart Rovers
 
Building a Next-Generation Security Operations Center (SOC)
bySqrrl
 
Understanding cyber resilience
byChristophe Foulon, CISSP
 
Security architecture
byDuncan Unwin
 

What's hot

PDF
How to Reduce the Attack Surface Created by Your Cyber-Tools
byEnterprise Management Associates
 
PPTX
The Board and Cyber Security
byFireEye, Inc.
 
PDF
Cyber security investments 2021
byManagement Events
 
PPTX
Build an Information Security Strategy
byAndrew Byers
 
PPTX
Roadmap to security operations excellence
byErik Taavila
 
PDF
Information Security Career Day Presentation
bydjglass
 
PPTX
Crowdstrike .pptx
byuthayakumar174828
 
PPTX
Cyber attacks and IT security management in 2025
byRadar Cyber Security
 
PDF
Security operations center-SOC Presentation-مرکز عملیات امنیت
byReZa AdineH
 
PDF
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
byVijilan IT Security solutions
 
PPTX
An introduction to SOC (Security Operation Center)
byAhmad Haghighi
 
PDF
Enterprise Security Architecture
byKris Kimmerle
 
PPTX
Security Operation Center Fundamental
byAmir Hossein Zargaran
 
PDF
Threat Intelligence 101 - Steve Lodin - Submitted
bySteve Lodin
 
PPTX
Cybersecurity Risk Management Program and Your Organization
byMcKonly & Asbury, LLP
 
PPTX
Adaptive Enterprise Security Architecture
bySABSAcourses
 
PDF
ISO 27005 Risk Assessment
bySmart Assessment
 
PDF
Cyber Resilience
byIan-Edward Stafrace
 
PDF
SACON - Deception Technology (Sahir Hidayatullah)
byPriyanka Aash
 
PPTX
Modelling Security Architecture
bynarenvivek
 
How to Reduce the Attack Surface Created by Your Cyber-Tools
byEnterprise Management Associates
 
The Board and Cyber Security
byFireEye, Inc.
 
Cyber security investments 2021
byManagement Events
 
Build an Information Security Strategy
byAndrew Byers
 
Roadmap to security operations excellence
byErik Taavila
 
Information Security Career Day Presentation
bydjglass
 
Crowdstrike .pptx
byuthayakumar174828
 
Cyber attacks and IT security management in 2025
byRadar Cyber Security
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
byReZa AdineH
 
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
byVijilan IT Security solutions
 
An introduction to SOC (Security Operation Center)
byAhmad Haghighi
 
Enterprise Security Architecture
byKris Kimmerle
 
Security Operation Center Fundamental
byAmir Hossein Zargaran
 
Threat Intelligence 101 - Steve Lodin - Submitted
bySteve Lodin
 
Cybersecurity Risk Management Program and Your Organization
byMcKonly & Asbury, LLP
 
Adaptive Enterprise Security Architecture
bySABSAcourses
 
ISO 27005 Risk Assessment
bySmart Assessment
 
Cyber Resilience
byIan-Edward Stafrace
 
SACON - Deception Technology (Sahir Hidayatullah)
byPriyanka Aash
 
Modelling Security Architecture
bynarenvivek
 

Similar to Introduction to RESILIA and Cyber Resilience

PDF
Introduction to Cyber Resilience
byPeter Wood
 
PPTX
CapTech Talks Webinar Jan 2025 Dewayne Hart.pptx
byCapitolTechU
 
PPTX
Draft_ppt_dmss[1][2] (1) FINAL123455667.pptx
bymazumderdevangshu
 
PDF
fortinetwebcastcyberresilienceslidedeck1739266181549.pdf
byssuser4e3b612
 
PDF
Security Incident Response Readiness Survey
byRahul Neel Mani
 
PPTX
DMSS PPT123456789012345678912348975.pptx
bymazumderdevangshu
 
PDF
Department of Homeland Security Guidance
byMeg Weber
 
PDF
Course Factsheet - AXELOS RESILIA Foundation
byMatt Trigg
 
PDF
Course factsheet - AXELOS RESILIA Practitioner
byMatt Trigg
 
PDF
Symantec cyber-resilience
bySymantec
 
PDF
RESILIA Pathway Tool infographic
byAXELOS Global Best Practice
 
PPTX
How to Make Your Enterprise Cyber Resilient
byAccenture Operations
 
PDF
DHS Guidelines
byMeg Weber
 
PDF
Cyber threat forecast 2018..
byBolaji James Bankole CCSS,CEH,MCSA,MCSE,MCP,CCNA,
 
PDF
Integrating-Cyber-Security-for-Increased-Effectiveness
byAyham Kochaji
 
PDF
Cyber Resilience white paper 20160401_sd
bySusan Darby
 
PDF
Xavier Marguinaud in Corporate Livewire Cyber Security Expert Guide 2017 Dec
byLaura Tibbo
 
PDF
Cybersecurity Preparedness Benchmark Study_Webex 27 Ocober 2016
byTony Moroney
 
PPTX
Robert Lentz - CSO Perspectives Roadshow 2016
byCSO_Presentations
 
PDF
Resilience in the Cyber Era
byBooz Allen Hamilton
 
Introduction to Cyber Resilience
byPeter Wood
 
CapTech Talks Webinar Jan 2025 Dewayne Hart.pptx
byCapitolTechU
 
Draft_ppt_dmss[1][2] (1) FINAL123455667.pptx
bymazumderdevangshu
 
fortinetwebcastcyberresilienceslidedeck1739266181549.pdf
byssuser4e3b612
 
Security Incident Response Readiness Survey
byRahul Neel Mani
 
DMSS PPT123456789012345678912348975.pptx
bymazumderdevangshu
 
Department of Homeland Security Guidance
byMeg Weber
 
Course Factsheet - AXELOS RESILIA Foundation
byMatt Trigg
 
Course factsheet - AXELOS RESILIA Practitioner
byMatt Trigg
 
Symantec cyber-resilience
bySymantec
 
RESILIA Pathway Tool infographic
byAXELOS Global Best Practice
 
How to Make Your Enterprise Cyber Resilient
byAccenture Operations
 
DHS Guidelines
byMeg Weber
 
Cyber threat forecast 2018..
byBolaji James Bankole CCSS,CEH,MCSA,MCSE,MCP,CCNA,
 
Integrating-Cyber-Security-for-Increased-Effectiveness
byAyham Kochaji
 
Cyber Resilience white paper 20160401_sd
bySusan Darby
 
Xavier Marguinaud in Corporate Livewire Cyber Security Expert Guide 2017 Dec
byLaura Tibbo
 
Cybersecurity Preparedness Benchmark Study_Webex 27 Ocober 2016
byTony Moroney
 
Robert Lentz - CSO Perspectives Roadshow 2016
byCSO_Presentations
 
Resilience in the Cyber Era
byBooz Allen Hamilton
 

More from Christian F. Nissen

PPTX
Introduction to ITIL 4 and IT service management
byChristian F. Nissen
 
PPTX
Introduction to COBIT 2019 and IT management
byChristian F. Nissen
 
PPTX
Introduction to COBIT 5 and IT management
byChristian F. Nissen
 
PPTX
DevOps introduction
byChristian F. Nissen
 
PPTX
Introduction to ITIL 2011 and IT service management
byChristian F. Nissen
 
PPTX
Introduction to nudging in IT
byChristian F. Nissen
 
PPTX
Acquisition of IT Service Management tools
byChristian F. Nissen
 
PPTX
Why IT Service Managemement implementations sometimes fail in real life
byChristian F. Nissen
 
Introduction to ITIL 4 and IT service management
byChristian F. Nissen
 
Introduction to COBIT 2019 and IT management
byChristian F. Nissen
 
Introduction to COBIT 5 and IT management
byChristian F. Nissen
 
DevOps introduction
byChristian F. Nissen
 
Introduction to ITIL 2011 and IT service management
byChristian F. Nissen
 
Introduction to nudging in IT
byChristian F. Nissen
 
Acquisition of IT Service Management tools
byChristian F. Nissen
 
Why IT Service Managemement implementations sometimes fail in real life
byChristian F. Nissen
 

Recently uploaded

PPTX
Governance, Deployment & Methodologies for Agentic Automation [2/3]
bysuhanisingh58689
 
PPSX
AppSec Role Based Training OWASP Global AppSec USA 2025-11-06
byRobert Grupe, CSSLP CISSP PE PMP
 
PPTX
GenAI GraphTalk - Kuala Lumpur - 4 Nov 2025
bygourisachdeva2
 
PDF
UiPath Veterans Day Acknowledgement and Benefits
byDianaGray10
 
PDF
Automating ArcGIS Enterprise Compliance for Operational Excellence
bySafe Software
 
PDF
The Accel 2025 Globalscape: Race for compute
byPhilippe Botteri
 
PDF
Career Blueprint: Mentor Tracks & Career Clinic - Part 2
byDianaGray10
 
PDF
Revolutionizing SQL Database Design for the Modern Era.pdf
bySQL DBM
 
PDF
The Complete Crypto Airdrop Playbook: Strategies, Scams & Success Stories | 3...
by3verseTV
 
PPTX
AI and Linux in 2025 - Jay LaCroix, Learn Linux TV
byAll Things Open
 
PDF
Private Governance: How Decentralized Mechanisms Can Regulate the Crypto Economy
byFederico Ast
 
PDF
Supercharge Your JVM with Project Leyden
byAna-Maria Mihalceanu
 
PPTX
Expanding Your Toolbox: Beginners Guide to Controlling Kubernetes Logs
byEric D. Schabell
 
PDF
Upskill to Agentic Automation - Accelerating Your Job Search using AI
byDianaGray10
 
PDF
WebXR in Android and Linux with OpenXR
byIgalia
 
PDF
Analyze and Store Logs - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Create, View and Edit Text Files - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Manage Files Using CLI - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Install and Update Software - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
"Visual Guide to DSA: Big O Notation, Data Structures, and Algorithms Fundame...
byNusrat Gulbarga
 
Governance, Deployment & Methodologies for Agentic Automation [2/3]
bysuhanisingh58689
 
AppSec Role Based Training OWASP Global AppSec USA 2025-11-06
byRobert Grupe, CSSLP CISSP PE PMP
 
GenAI GraphTalk - Kuala Lumpur - 4 Nov 2025
bygourisachdeva2
 
UiPath Veterans Day Acknowledgement and Benefits
byDianaGray10
 
Automating ArcGIS Enterprise Compliance for Operational Excellence
bySafe Software
 
The Accel 2025 Globalscape: Race for compute
byPhilippe Botteri
 
Career Blueprint: Mentor Tracks & Career Clinic - Part 2
byDianaGray10
 
Revolutionizing SQL Database Design for the Modern Era.pdf
bySQL DBM
 
The Complete Crypto Airdrop Playbook: Strategies, Scams & Success Stories | 3...
by3verseTV
 
AI and Linux in 2025 - Jay LaCroix, Learn Linux TV
byAll Things Open
 
Private Governance: How Decentralized Mechanisms Can Regulate the Crypto Economy
byFederico Ast
 
Supercharge Your JVM with Project Leyden
byAna-Maria Mihalceanu
 
Expanding Your Toolbox: Beginners Guide to Controlling Kubernetes Logs
byEric D. Schabell
 
Upskill to Agentic Automation - Accelerating Your Job Search using AI
byDianaGray10
 
WebXR in Android and Linux with OpenXR
byIgalia
 
Analyze and Store Logs - RHCSA (RH124).pdf
byLinuxCert Guru
 
Create, View and Edit Text Files - RHCSA (RH124).pdf
byLinuxCert Guru
 
Manage Files Using CLI - RHCSA (RH124).pdf
byLinuxCert Guru
 
Install and Update Software - RHCSA (RH124).pdf
byLinuxCert Guru
 
"Visual Guide to DSA: Big O Notation, Data Structures, and Algorithms Fundame...
byNusrat Gulbarga
 
In this document
Powered by AI

Introduction to RESILIA and its importance in cyber resilience alongside trademarks.

Agenda outlining key topics including cyber threats, resilience, lifecycle, and barriers.

Highlighting the likelihood of cyber-attacks and the need for proactive measures.

Best practices and standards like NIST and ISO that assist in managing cyber risks.

Differences between information security and cyber resilience with a focus on recovery.

Definition of cyber resilience, focusing on prevention, detection, and correction. Description of RESILIA as a holistic approach to cyber resilience and its core principles.

Tools for evaluating cyber resilience maturity and increasing awareness among leadership.

Overview of RESILIA training modules and certification pathways for various stakeholders.

Identifying audiences for RESILIA certifications, including IT, security, risk, and leadership.

Introduction to the cyber resilience lifecycle, highlighting strategy and governance roles.

Controls and processes for designing cyber resilience measures in organizations.

Controls required for transitioning into resilient cyber systems and associated ITSM processes.

Controls for operational resilience focusing on access, network, and incident management.

Importance of continual improvement and the methods to assess and enhance resilience.

Explains the concept of duty segregation and dual controls for preventing fraud.

Discussion on barriers such as lack of awareness and silo thinking in achieving resilience.

Invitation for questions and discussion following the presentation.

Contact details for further inquiries related to RESILIA and cyber resilience.

Introduction to RESILIA and Cyber Resilience

  • 1.
    RESILIA and CyberResilience - Introduction Christian F. Nissen, CFN Consult RESILIATM, ITIL®, PRINCE2® MSP®, MoP® and MoV® are Registered Trade Marks of AXELOS in the United Kingdom and other countries COBIT® is a registered trademark of the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute (ITGI) TOGAFTM and IT4ITTM are trademarks of The Open Group SIAM® is a registered trademark of EXIN © 2018 of CFN Consult unless otherwise stated
  • 2.
    2 Agenda 1. Cyber threats 2.Cyber Resilience 3. Cyber Resilience Lifecycle ❍ Strategy ❍ Design ❍ Transition ❍ Operation ❍ Continual Improvement 4. Segregation of duties and dual controls 5. Barriers to Cyber Resilience Agenda © 2018
  • 3.
    Why bother? According tothe ISACA’s January 2016 Cybersecurity Snapshot,  84 percent of respondents believe there is a medium to high likelihood of a cybersecurity attack disrupting critical infrastructure (e.g., electrical grid, water supply systems) this year.  20 percent of the respondents have experienced a ransomware incident  72 percent of respondents say they are in favor of the US Cybersecurity Act, but only 46% say their organizations would voluntarily participate in cyber threat information sharing, as outlined in the Act. 3 © 2018 Cyberthreats
  • 4.
    Why bother? 4 ©2018 Cyberthreats Jim Baines, CEO of Baines Packaging Inc., a major US packaging company
  • 5.
    Why bother? 5 ©2018 Cyberthreats
  • 6.
    Best practices andstandards Some standards and frameworks that can help organizations to manage cyber threats include:  NIST Framework for Improving Critical Infrastructure Cybersecurity - A US risk-based approach to managing cybersecurity risk.  Management of Risk (M_o_R) - Best practice for managing risk  ISO/IEC 27001 - International standard for information security management  ISO 31000 - International standard defining risk management principles and guidelines.  ISO 22301 - International standard for business continuity  COBIT 5 – Best practice for governance and management of enterprise IT.  ITIL – Best practice for IT service management  ISO/IEC 20000 - International standard for IT service management 6 © 2018 CyberResilience
  • 7.
    Information Security versusCyber Resilience The human factor ❍ Service value resides in information, technology, people and processes ❍ People and their behaviour cause most vulnerabilities ❍ Need to look beyond information security – to cyber resilience 7 © 2018 CyberResilience Information Tech- nology People Pro- cesses
  • 8.
    Information Security versusCyber Resilience Security is defined as ‘the state of being free from danger or threat’ and involves the protection (confidentiality, integrity, availability & non-repudiation) of what is important, often with more emphasis on prevention and less emphasis on recovery from an incident. However prevention alone is no longer a realistic strategy. Resilience is the ability of a system or component to resist an unplanned disturbance or failure, and to recover in a timely manner following any unplanned disturbance or failure. 8 © 2018 Resilience Security CyberResilience
  • 9.
    What is CyberResilience?  Cyber resilience is the ability to prevent, detect, and correct (respond & recover) any impact that incidents have on the information required to do business.  Right balance between three types of control activity: 9 © 2018 CyberResilience Preventive Detective Corrective
  • 10.
    What is RESILIA? A best practice from Axelos released in 2015  A balanced and holistic approach to cyber resilience  The missing chapter in ITIL  Risk and control based  Lifecycle based 10 © 2018 CyberResilience https://www.axelos.com/resilia
  • 11.
    What is RESILIA? Risk-based 11 © 2018 Asset Vulnera- bility Threat CyberResilience
  • 12.
    What is RESILIA? Addressing risk 12 © 2018 CyberResilience
  • 13.
    What is RESILIA? 13© 2018 CyberResilience Best Practice Guide Core practical guidance for strategy, implementation and management: “what good looks like” Individual Awareness Learning & Know-how All staff across an organisation IT teams and data owners/managers Membership & CPD IT teams and data owners/managers Leader Engagement Leadership team across an organisation Management Pathway Tool Foundation & Practitioner Training
  • 14.
    RESILIA Management PathwayTool Method of assessing the maturity of cyber resilience in your organization ❍ Explore the RESILIA best practice guidance and understand how its processes and security controls apply to your organization. ❍ Evaluate your existing cyber resilience controls and processes to identify the critical gaps ❍ Map the necessary improvements you need to make to meet your desired level of cyber resilience maturity 14 © 2018 CyberResilience
  • 15.
    RESILIA Leader Engagement Awarenessproducts tools and guidance specifically designed to increase understanding, insight and action in the boardroom These include: ❍ Continuing professional development and learning for executive and non-executive directors ❍ Cyber boardroom simulations ❍ Cyber resilience risk management training for senior risk management decision makers. 15 © 2018 CyberResilience
  • 16.
    RESILIA Awareness Learning 16© 2018 CyberResilience Learning modules Phishing Social engineering Password safety Information handling Online safety Remote and mobile working Personal information Learning formats Games Simu- lations Videos eLear- ning Tests and refresh- ers Anima- tions
  • 17.
    RESILIA Certification 17 ©2018 CyberResilience Cyber Resilience Foundation Cyber Resilience Practitioner Course structure Learning outcomes 3 day classroom course or 20 hours of distance learning, optional simulation to start course, Foundation certification multiple choice exam How decisions impact good/ bad Cyber Resilience Comprehensive approach across all areas How to make good Cyber Resilience an efficient part of business and operational management 2 day classroom course or 15 hours of distance learning, optional simulation to start course, Practitioner certification multiple choice exam, bundled with Foundation as a 5 day course What effective Cyber Resilience looks like Pitfalls, risk and issues that can easily hit Cyber Resilience Getting the best balance of risk, cost, benefits and flexibility within an organization
  • 18.
    Positioning of RESILIAcertification 18 © 2018 CyberResilience IT VENDORS- CISCO, MS, ORACLE etc ISC(2) CISSP CompTIA Security+ EC Council Ethical Hacker EC Council Certified Security Analyst CISM ISC(2) SSCP CLA S ISO27001 auditor CESG CCP CES G CCT ISACA Cybersecurity Fundamentals Certificate AXELOS RESILIA Practitioner AXELOS RESILIA Foundation BCS InfoSec Principles Key Grey = non-certification course Size of circle = course market share TECHNICAL FOCUS BUSINESS FOCUS GENERAL AUDIENCE NICHE AUDIENCE
  • 19.
    RESILIA CPD scheme ContinuingProfessional Development (CPD): ❍ Coming in 2018 ❍ Completing a RESILIA qualification will earn 15 CPD points towards a professional membership ❍ A route to maintain your RESILIA qualification without re-sitting the exam 19 © 2018 CyberResilience
  • 20.
    Who is RESILIAfor? The Foundation and Practitioner certification is aimed at:  IT and security functions  Risk and compliance functions  Core business functions including HR, Finance, Procurement, Operations and Marketing. The awareness learning is for the entire organization. The leadership engagement delivers specialised training and learning for the leaders within an organization 20 © 2018 CyberResilience
  • 21.
    RESILIA Key principles:  Clearunderstanding of what the organization’s critical assets are, especially information.  Clear view of the organization’s key threats and vulnerabilities arising from their environment, including their customers, partners, and supply chain.  Adoption of a common language used by all stakeholders in the organization.  Assessment of the organization’s cyber resilience maturity and design of appropriate, prioritized, and proportionate plans using best practice guidance.  An appropriate balance of controls to prevent, detect, and correct. 21 © 2018 CyberResilience
  • 22.
    The Cyber ResilienceLifecycle 22 © 2018 CyberResilienceLifecycle Strategy
  • 23.
    Cyber Resilience Strategy– Controls 23 © 2018 Controls for Cyber Resilience Strategy Establish governance of cyber resilience Vision and mission Governance roles Manage stakeholders Identifying and categorizing stakeholders Gathering stakeholder requirements Stakeholder communications Create and manage cyber resilience policies Cyber resilience policies Structure of the policies Management of the policies (Process) Manage cyber resilience audit and compliance Audit Compliance management CyberResilienceStrategy
  • 24.
    Cyber Resilience Strategy- Processes Interaction of ITSM Processes with Cyber Resilience Activities:  Strategy management for IT services  Service portfolio management  Financial management for IT services  Demand management  Business relationship management 24 © 2018 CyberResilienceStrategy
  • 25.
    Cyber Resilience Strategy- Processes  Example: Cyber Resilience Interfaces with Service Portfolio Management 25 © 2018 CyberResilienceStrategy
  • 26.
    Cyber Resilience Design– Controls 26 © 2018 Controls for Cyber Resilience Design Human Resource Security Recruitment Pre-employment, employment, exit and termination Training & awareness System Acquisition, Development, Architecture, and Design Requirement analysis Architecture design and development Threat and vulnerability modelling Secure design and development Cyber resilience security testing Supplier and Third- Party Security Management Supply chain risk management Managing third-party risks Confidentiality and non-disclosure for suppliers Compliance and auditing of the supply chain Endpoint Security Data-in-transit Data-at-rest Cryptography . . . Business Continuity Management Business impact analysis CyberResilienceDesign
  • 27.
    Cyber Resilience Design- Processes Interaction of ITSM Processes with Cyber Resilience Activities:  Design Coordination  Service Catalogue Management  Service Level Management  Availability Management  Capacity Management  IT Service Continuity Management  Supplier Management 27 © 2018 CyberResilienceDesign
  • 28.
    Cyber Resilience Design- Processes  Example: Cyber Resilience Interfaces with IT Service Continuity Management 28 © 2018 CyberResilienceDesign
  • 29.
    Cyber Resilience Transition– Controls 29 © 2018 Controls for Cyber Resilience Transition Asset management and configuration management Classification and handling Data transportation and removable media Change management Authorization, control and secure implementation Testing Code review Unit, system and integration testing Regression and user-acceptance testing Penetration testing Training Documentation management Information retention and disposal CyberResilienceTransition
  • 30.
    Cyber Resilience Transition- Processes Interaction of ITSM Processes with Cyber Resilience Activities:  Transition planning and support  Change management  Service asset and configuration management  Release and deployment management  Service validation and testing  Change evaluation  Knowledge management  Management of organizational change 30 © 2018 CyberResilienceTransition
  • 31.
    Cyber Resilience Transition- Processes  Example: Cyber Resilience Interfaces with Release and Deployment Management 31 © 2018 CyberResilienceTransition
  • 32.
    Cyber Resilience Operation– Controls 32 © 2018 CyberResilienceOperation Controls for Cyber Resilience Operation Access control Logical access control Business requirements and access policy Authorization, registration and provisioning Identity verification . . . Network security management Network design for resilience Segmenting networks with firewalls Network switch and logical segmentation Detecting and preventing intrusions . . . Physical security Physical access control Perimeter security Visitor management Identity badges and passes . . . Operations security Documentation Operational activities Cyber resilience incident management Incident planning Incident reporting, logging and initial assessment Responding to the incident Containing the incident, eradicating and recovering Learning lessons
  • 33.
    Cyber Resilience Operation- Processes Interaction of ITSM Processes with Cyber Resilience Activities:  Event management  Incident management  Request fulfilment  Problem management  Access management 33 © 2018 CyberResilienceOperation
  • 34.
    Cyber Resilience Operation- Processes  Example: Cyber Resilience Interfaces with Event Management 34 © 2018 CyberResilienceOperation
  • 35.
    Cyber Resilience ContinualImprovement 35 © 2018 CRContinualImprovement Controls for Cyber Resilience Continual Improvement Cyber resilience audit and review Technology review and audit Policy Review Review of access rights Review of administrator and operator logs Monitor, review and audit of third parties Control assessment KPI's, Key Risk Indicators and benchmarking Business continuity improvements Learning from information security incidents Process improvement Remediation and improvement planning The remediation plan Implementing improvements
  • 36.
    Cyber Resilience ContinualImprovement Interaction of ITSM Processes with Cyber Resilience Activities:  The CSI approach  The seven-step improvement process 36 © 2018 CRContinualImprovement
  • 37.
    Cyber Resilience ContinualImprovement  Example: Cyber Resilience Interfaces with The Seven-Step Improvement Process 37 © 2018 CRContinualImprovement
  • 38.
    Segregation of dutiesand dual controls Segregating Duties  Ensures that privileges and roles are separated so that they cannot be used to commit fraud.  Example: Segregating development and operations Dual Controls  A method used to control abuse of privileges.  Example: Encryption of information using two separate encryption keys, each key belonging to a different person 38 © 2018 CyberResilienceResponsibilities
  • 39.
    Barriers to cyberresilience  Lack of awareness (board level down)  Silo thinking (“it’s an IT problem”)  Narrow focus on regulatory compliance, not risk  Confusion about what “good” looks like  Cyber resilience demands a “whole system” view (information, technology, people and processes) 39 © 2018 BarrierstoCyberResilience
  • 40.
    Questions and comments 40© 2018 Leavingthescene
  • 41.
    Contact 41 Christian F. Nissen [email protected] +4540 19 41 45 CFN Consult ApS Linde Allé 1 DK-2600 Glostrup CVR: 39 36 47 86 © 2018