Skip to main content

Resilia - Cyber Resilience Best Practices

Operating under a constant threat of cyber attacks is the new normal for many organizations in today’s virtual business environment.  These attacks can come from anywhere, from anybody and at any time.  It is no longer a question of reacting to and then fixing the problem.  Today the question is “How do we prepare the entire organization to be prepared and vigilant to deal with cyber security threats each and every day.

A defensive approach is no longer adequate.  A proactive strategy by cyber security teams with the appropriate expertise, capabilities and best practice processes and policies is an absolute must have in order to meet the challenge of recurring engagement with those whose intent is to harm the organization in some way. There must be well defined and documented processes to prevent, where possible, detect and respond with control and countermeasures as quickly as possible while predicting what will happen next.   The introduction of effective cyber resilience requires a top down approach with strong support from the C-level executive suites who must define risk tolerance and then, along with IT and other stakeholders, define a balanced strategy of risk assessment and mitigation.

Resilia (a cyber resilience lifecycle) is based on the ITIL service management lifecycle and covers a wide range of cyber resilience best practices and can be used to support a cyber resilience strategy which will encompass prevention, detection, correction and recovery from attacks. It is a collaborative approach which includes all resources and stakeholders across an organizations value network.

At its core are the three main characteristics of confidentiality, integrity, and availability of information (CIA).  Confidentiality, ensures that data and information is not made available to unauthorized individuals or organizations. Integrity, is the characteristic of information that ensures it is accurate and the quality of it being correct.  Availability is a characteristic of information that ensures it can be used when needed by authorized personnel.  Additionally we also are concerned about authentication which is verification that a characteristic or attribute which appears to be true, or is claimed to be true, is in fact true.

We will be introducing more on Resilia in future blogs.

Comments

Popular posts from this blog

Four Service Characteristics

Recently I came across several articles by researchers and experts that laid out definitions and characteristics of services. ITIL provides us with a definition that can help drive the creation of value-laden services: A means of delivering value to customers by facilitating outcomes customers want to achieve without the ownership of specific costs and risks. An area that ITIL is not so clear is in terms of service characteristics. Several researchers and experts put forth that services have four basic characteristics (IHIP): Intangibility—Services are the results of actions not things. They have no physical presence and represent a logical set of elements. One way to think of service is “work done for others.”  Heterogeneity—Also known as “variability”; services are unique items because of the mechanisms used to deliver services, which is people. Because the people element adds variability, the service is variable. This holds true, especially for the value proposition—not eve...

What Is A Service Offering?

The ITIL 4 Best Practice Guidance defines a “Service Offering” as a description of one or more services designed to address the needs of a target customer or group.   As a service provider, we can’t stop there!   We must know what the contracts of our service offering are and be able to put them into context as required by the customer.     Let’s explore the three elements that comprise a Service Offering. A “Service Offering” may include:     Goods, Access to Resources, and Service Actions 1. Goods – When we think of “Goods” within a service offering these are the items where ownership is transferred to the consumer and the consumer takes responsibility for the future use of these goods.   Example of goods that are being provided in the offering – If this is a hotel service then toiletries or chocolates are yours to take with you.   You the consumer own these and they are yours to take with you.      ...

The New Four Ps of Service Management

By Donna Knapp For years, people , process , and technology (PPT) was a widely recognized framework for balancing and integrating the components needed to achieve optimal performance and outcomes. In the ITIL v3 Service Design publication, this framework was expanded to the four Ps: people , processes , products , and partners . ITIL 4 has further expanded and evolved this framework to the four dimensions of service management. These four dimensions are collectively critical to the effective and efficient facilitation of value for customers and other stakeholders in the form of products and services. The four dimensions of service management are: Organizations and people Information and technology Partners and suppliers Value streams and processes. These four dimensions represent perspectives which are relevant to the whole service value system (SVS), including the entirety of the service value chain and all ITIL practices. Each ITIL practice is a set of organizational resources base...