Cyber resilience is the capacity of an organization to prevent, identify, and mitigate impacts from cyber incidents that could affect its operations and ability to deliver services. Cyber threats are increasingly serious, as attacks can come from foreign intelligence, criminals, journalists, hackers, and even insiders. Given that complete risk mitigation is impossible, the goal is to make systems resilient enough to withstand attacks and recover quickly. Local governments are encouraged to take leadership in partnering for cyber resilience.
5. 5
Cyber Resilience is the
capacity to prevent, identify
and mitigate any impact that
cyber incidents have on the
information your
organisation requires to do
business and deliver public
services.
Cyber Resilience ?
7. 7
Cyber Resilience Threat Landscape
Deliberate;
Foreign Intelligence Services
Organised Criminals
Investigative Journalists
Hacktervists
Social Media - includes social groups
Insider threats
Disgruntled staff
Ex-Staff
Staff under duress
Damage to
reputation
/Trust
Cyber has been identified
as one of the four tier
one threats to UK
security
8. •BCS: 5 – 7 million victims
•Individuals and businesses – we are all vulnerable
Crimes against the individual - Our lives are online / Our data is
online
•Two types of businesses
•Those who know – those who don’t
•The 2015 Information Breaches Survey reported that
90% of large organisations and 74% of small businesses
had security breaches.
Scale of Cyber Problem
Scale of the Cyber Problem
•Fraud and
Cyber 70%
9. 9
Recognising that 100% risk
mitigation is not possible in any
complex system, the overarching
goal of a risk-based approach to
cyber security is system resilience
to survive and quickly recover
from attacks and accidents.
Partnering for Cyber Resilience
Then world Economic Forum
January 2013
.
Risk Appetite
We live in a rapidly changing and connected world that faces new opportunities and challenges
We live in a rapidly changing and connected world that faces new opportunities and challenges
We live in a rapidly changing and connected world that faces new opportunities and challenges
To find out more see DCLG’s detailed guidance around what to do and where to go for help on the cyber agenda
We see key to improved information sharing is getting LRFs’ an localities to join the Cyber-security Information Sharing Partnership
CiSP membership is free and the platform is a joint industry government initiative to share cyber threat and vulnerability information in order to increase overall situational awareness of the cyber threat and therefore reduce the impact on UK business. CiSP members receive enriched cyber threat and vulnerability information from the ‘Fusion Cell’, a joint industry and government analytical team who examine, analyse and feedback cyber information from a wide variety of data sources.
We see key to improved information sharing is getting LRFs’ an localities to join the Cyber-security Information Sharing Partnership
CiSP membership is free and the platform is a joint industry government initiative to share cyber threat and vulnerability information in order to increase overall situational awareness of the cyber threat and therefore reduce the impact on UK business. CiSP members receive enriched cyber threat and vulnerability information from the ‘Fusion Cell’, a joint industry and government analytical team who examine, analyse and feedback cyber information from a wide variety of data sources.
Hence the Government is extending the work of the National Cyber Security Programme out to localities
Audience participation. What can they identify?
Highlight that if all of these are threats at home, then how many of these cross over to their business?
How many work from home?
BYOD policies (Bring Your Own Disaster)