There has been a great deal of debate in the past around the differences between information security, IT security and Cyber security – many of us in the field have views on the differences and similarities from a marketing or operational perspective.
We have also seen growing use of the mantra “It’s not when but if” when it comes to cyber attacks. This has been the theme of several external papers from leading consultancy firms as well as one of Huntsman Security’s own publications (See http://www.tier-3.com/sm-2013-cyberrisk.php).
Where is this going? Well the term on the boardroom agenda today is “Cyber Resilience” – A combination of effective, risk and threat-based preventative controls with an equivalent proficiency in the detection and response capabilities, toolsets and processes. I.e. an acknowledgement that a concerted, targeted, determined attacker will be able to circumvent any defence; so detecting attacks quickly and responding to limit impacts, safeguard data and maintain your reputation is paramount.
This has been the subject of national-level desktop exercises run in the UK by the Bank of England (Waking Shark and Waking Shark II) to focus on the resilience of the financial sector and was it also headlined in an Australian Securities and Investments Commission (ASIC) report recently (http://asic.gov.au/regulatory-resources/find-a-document/reports/rep-429-cyber-resilience-health-check/). The US also, following the various high profile breaches recently, has focus on this too – see https://www.us-cert.gov/ccubedvp/self-service-crr for example.
So what we are seeing, and at Huntsman warmly welcome, is the crystallisation of the terminology around Cyber Resilience – both as a clearly understood and unambiguous discipline; but also as a topic that security teams can discuss at board level with confidence and with the support and backing of the various Governments, Audit and Advisory firms, CERTs and Regulators that really matter at that senior level.
Cyber Resilience – it works for us.« Back to Huntsman News & Media Articles