Tag Archives: AXELOS

GICSR adopts RESILIA Cyber Resilience Best Practice to assist critical infrastructure organisations

The Global Institute for Cyber Security + Research (GICSR) is adopting RESILIA Cyber Resilience Best Practice and its certified training and awareness learning to advance GICSR’s mission of improving the resilience of critical infrastructure organisations against cyber attack.

The RESILIA portfolio, which is managed by AXELOS Global Best Practice, will be delivered via the GICSR Global Cyber Range.

Cyber risks are now recognised as one of the most significant risks to national security as well as to an organisation’s market reputation, customer trust and competitive advantage.

Effective cyber resilience requires a proactive stance to reduce risks that will support operational efficiency, innovation, economic prosperity and public safety.

For organisations to fully harness this opportunity they need to manage a holistic approach that encompasses people, process and technology.

NickWildingAXELOS

Nick Wilding: head of RESILIA Cyber Resilience at AXELOS

GICSR is a non-profit organisation linking critical infrastructure stakeholders to define and deliver scalable, flexible and adaptable cyber resilience solutions.

Deborah Kobza, GICSR president and CEO, commented: “Strengthening cyber security resilience requires collaboration, co-ordination and a ‘Call to Action’. It’s a shared public/private responsibility across all critical infrastructure stakeholder organisations. We’re delighted to be adding the RESILIA Best Practice certified training and awareness learning, which is based on ITIL, to existing capabilities within the GICSR Global Cyber Range as a means of better tackling the critical ‘human factor’ aspects of cyber resilience.”

Collaboration and Best Practice

As stated, RESILIA is managed by AXELOS Global Best Practice. The RESILIA certified training and awareness learning portfolio helps build collaboration and Best Practice across an organisation. It embeds the awareness, insight and skills required to make organisations more effective in keeping their critical information safe.

The portfolio is being delivered via the GISCR Global Cyber Range including access to a virtual live network environment in order to apply theory to practice.

Nick Wilding, head of RESILIA Cyber Resilience at AXELOS, commented: “I’m delighted that RESILIA has been adopted by GICSR to help critical infrastructure organisations build the skills and insight required to enable cross-functional collaboration in managing and continually improving an effective cyber resilience strategy and management system. 90% of cyber attacks succeed because of human error. People must sit at the heart of effective cyber resilience which should focus on aligning strategic priorities, service management tools, operational systems and architectures together with ongoing training and the involvement of everyone in the business.”

Both GICSR and AXELOS support cyber resilience Best Practice and the adoption of relevant frameworks and standards.

The Global Cyber Range and RESILIA Best Practice have been designed to support and align with existing business and cyber security integration frameworks (including the NIST Framework for Improving Critical Infrastructure Cyber Security and the NIST National Cyber Security Education Framework.

Advertisements

Leave a comment

Filed under Risk UK News, Uncategorized

AXELOS announces launch of Cyber Resilience Best Practice Portfolio designated RESILIA

AXELOS Global Best Practice has unveiled RESILIA, the new Cyber Resilience Best Practice Portfolio will be launched in June 2015. The Best Practice Portfolio will help organisations gain the confidence they need to recognise, respond to and recover from cyber attacks on an effective and efficient basis.

Information is critical to the success of all innovation and is precious to any organisation. It’s also valued by a range of adversaries and, with the emergence and rapid development of a globally networked information environment, it’s now easier than ever before to target and attack that information.

To address the challenges of this ever-changing landscape, AXELOS has developed the RESILIA Portfolio to encompass detailed publications, training and awareness tools.

The RESILIA Best Practice Portfolio is designed to help any organisation define what good cyber resilience looks like for them, to guide them in effectively managing their cyber risks and to bounce back following an attack with minimal reputational or financial damage.

For organisations to harness this opportunity they have to adopt an enterprise approach that encompasses people, process and technology.

The AXELOS RESILIA Best Practice Portfolio is designed to help businesses mitigate their cyber security risks

The AXELOS RESILIA Best Practice Portfolio is designed to help businesses mitigate their cyber security risks

Nick Wilding, head of cyber resilience at AXELOS, said: “Inside your organisation there’s a powerful force that can protect your reputation, safeguard your information and keep customers close – it’s your people. The focus must be on aligning strategic priorities, operational systems and architectures with the ongoing training and involvement of all people across the business. Applying RESILIA as a Best Practice tool across the enterprise will enable companies to tackle their cyber risks with renewed confidence.”

Peter Hepworth, CEO at AXELOS, added: “Our existing Best Practice Portfolio, including IT Service Management enabled by ITIL and our Project and Programme Management frameworks that encompass PRINCE2 are used by millions of practitioners around the world to successfully manage their operations and to build business value. RESILIA joins that portfolio and strengthens the ability of any organisation to be more effective.”
The RESILIA Portfolio includes:

  • Cyber Resilience Best Practice – aligned with the ITIL lifecycle – that illustrates what good cyber resilience looks like and provides practical guidance for its strategy, implementation and management
  • Cyber Resilience Awareness Learning for building your ‘cyber smart’ workforce. Multiple awareness learning modules are offered in different formats and via multiple channels to get the right information to the right people at the right time across all parts of the business
  • Cyber Resilience Foundation and Practitioner Training and Certification designed for the IT and security professional community. This provides the practical guidance required in assessing, deploying and efficiently managing good cyber resilience within business operations
  • A Cyber Resilience Maturity Management Tool that will assess your current maturity level and propose appropriate improvement action plans.

Leave a comment

Filed under Risk UK News

“Non-executive directors have a responsibility to understand cyber security risks” urges AXELOS

Non-executive directors have a responsibility to understand cyber security risks and resilience in order to best protect the interests of their business. That’s the view espoused by AXELOS Global Best Practice in a new discussion paper.

In the paper, AXELOS calls for more training on cyber security risks and resilience for non-executive directors on company Boards. ‘Mind the Information Gap: Non-Executive Directors and Professional Development’ identifies that non-executive directors on audit and risk committees are in a unique position to improve the resilience of their companies, but asserts that many may not currently have access to the training and skills necessary in order to do so.

Nick Wilding, head of cyber resilience Best Practice at AXELOS, stated: “Some organisations can be complacent about cyber risk, believing that ‘We’re not a target. We’re too small and don’t have anything of value to a hacker.’ The reality is that everyone in a business needs to be aware of cyber security risks and resilience strategies, but particularly those in senior roles.”

Wilding added: “Companies need to ensure that their Board members are able to learn about these issues. This is the best way to ensure that a company is as prepared as possible for any incident or attack.”

Nick Wilding: head of cyber resilience Best Practice at AXELOS

Nick Wilding: head of cyber resilience Best Practice at AXELOS

Professional development strategy for senior executives

The discussion paper recommends that companies introduce a professional development strategy for senior executives designed to address this lack of understanding of cyber security issues at Board level. This will help Board members build cyber security risks into a broader understanding of their organisation’s ‘risk appetite’. It will also ensure that they have the capacity to understand and question audit, risk and compliance reports that are provided by the organisation.

In addition, AXELOS also argues that, as a consequence of this better understanding, strong relationships between specific Board members and key figures from the business – such as the CIO, CISO and risk director – will be formed, in turn ensuring that cyber security issues have a ‘champion’ at Board level.

In conclusion, Wilding explained: “Ahead of the launch of the new AXELOS Cyber Resilience Best Practice portfolio later this year, our new discussion paper demonstrates how important it is that everyone – including those at Board level – in an organisation is equipped to deal with a cyber security incident. Companies must improve their resilience. This can only happen if Board members are engaged and informed.”

*The new discussion paper can be found on the AXELOS website: www.axelos.com/case-studies-and-white-papers/mind-the-information-gap

**AXELOS was formed in 2013 to promote and grow the Global Best Practice portfolio, including ITIL, PRINCE2 and the other PPM products used across organisations in the private, public and voluntary sectors within more than 150 countries worldwide.
 
AXELOS has an ambitious programme of investment for developing innovative new solutions and stimulating the growth of a vibrant, open and international ecosystem of training, consultancy and examination organisations.
 
Forthcoming developments include the aforementioned launch of a Cyber Resilience Best Practice portfolio, PRINCE2 Agile, the ITIL Practitioner qualification and its first-ever Continuing Professional Development (CPD) programme for practitioners.

Leave a comment

Filed under Risk UK News