Cyber resilience is the ability of an organization to enable business continuity (business resilience) by preparing for, responding to and recovering from cyber attacks. A resilient cyber organization can adapt to known and unknown crises, threats, adversities and challenges. So, if you want to know how to successfully implement your cyber resilience program, our experts Tech for Business suggest 2 essential steps.
The key principles of cyber resilience
Due to its central role in the management of companies and organizations, any malfunction of the IT system potentially impacts all business processes and company activities. It can lead to business stoppages, data loss or leakage, sometimes with serious financial and legal consequences, not to mention thenegative impact on the company'simage.
In this case, the origins of IT system failures are manifold
- peak activity
- server failure
- cyber attack
- piracy
- etc.
To avoid any difficulties in the event of a serious IT incident, it is vital for companies to prepare for such situations and become cyber-resilient. This requires a multi-layered approach, encompassing people, processes and technology.
There are 2 main stages in setting up a cyber resilience program.
All the more so as recent years have seen a widespread switch to telecommuting tools. telecommuting tools. As a result, this new way of working has put pressure on infrastructures and sometimes shown the limits of planned continuity arrangements.
At the same time, the number of cyberattacks continues to rise, combining technical and behavioral scenarios. Examples include spectacular attacks on Mariott Hotels, Paris Hospitals, Easyjet, Cisco, Honda factories, Sopra Steria and many others.
How do you implement a cyber resilience program?
Stage 1: preparation and protection with the PUPA (Plan d'Urgence et de Poursuite d'Activité - Emergency and Business Continuity Plan)
Firstly, the process begins with a global diagnosis of information assets. The aim is to identify critical business issues and the potential impact of cyber-attacks on :
- (digitized) business processes and the tools required to run them
- Company or customer data
- hardware components, critical software and IT processes
- stakeholders: company departments, customers, suppliers, partners, employees, etc.
Once the associated risks have been identified, a detailed analysis of the organization (processes, activities, risks) enables us to design and implement cyber resilience measures adapted to all types of crisis. These measures are formalized in a PUPA (Plan d'Urgence et de Poursuite d'Activité).
This plan includesa series of measuresant to maintain activities operational in the event of a crisis or extreme shock, and à plan for temporary temporarily in emergency mode. It replaces the sometimes vague PCA (Plan de continuité d'activité).
PUPA has several components:
An Operational Continuity Plan (OCP) that assesses critical business scenarios, and defines and implements appropriate preventive measures.
An IT Continuity Plan (ICP) that addresses critical elements of the IT system, and defines and implements appropriate preventive measures.
A Crisis Management Plan (CMP) to be activated when a crisis occurs
These plans also list the actions to be taken to protect the company and minimize risks. Example: training employees in the basics of cybersecurity.
Step 2: Incident detection and management via SOCs (Security Operations Centers)
Secondly, deploying a cyber resilience program also requires constant monitoring of the information system.
Increasingly, this monitoring is entrusted to SOCs (Security Operations Centers), whose mission is to detect risks within the information system, analyze them and propose the best response. Thanks to the contribution of artificial intelligence, the detection capacity of SOCs is increasing, and their scope of action can be extended far beyond the risks of cyber-attack:
- Better detection
- Predictive analysis to detect threats before they occur
- Automating the cybersecurity chain from detection to resolution
- Business process compliance, fraud detection, etc.
Les modalités de réponse aux menaces détectées doivent être prévues en amont et impliquer l’ensemble des parties prenantes clés de l’entreprise (internes ou externes), afin de permettre une réponse rapide, pertinente et proportionnée.
In conclusion: a cyber resilience program is essential for any organization
Studies show that cyber resilience enables companies to reduce the cost of disaster recovery by around 50%.
However, the complexity of implementing a cyber resilience program, and its significant cost, can be a deterrent. Only an approach inspired by best practice, but resolutely pragmatic and tailored to the needs of the company, can deliver the desired return on investment.
Finally, given that in many cases, people are the weakest link, we can't stress enough how important it is to include in a cyber resilience program actions to change behavior, and thus make employees the actors of this resilience.
Further information
Digital resilience: cybersecurity and supply
Building French and European digital resilience is a fundamental issue of sovereignty that goes far beyond digital issues alone. In our dossier
Information systems outsourcing: an opportunity to accelerate digital transformation?
Outsourcing your information systems? Perhaps the health crisis has revealed the need for IT outsourcing within your company. When you ask
Project or Program Turnaround: Getting an ailing project back on track
Cross-functional projects are fraught with difficulties, which often begin at the outset: complexity, project size, poor governance, and so on. We
