Cyber Resilience Framework 3: Respond and Recover

Framework 3

The third element of IT Governance’s Cyber Resilience Framework addresses the need to manage incidents quickly and effectively to limit harm and return to full functionality.

The extent to which you implement the below measures will depend on your environment and compliance requirements.

Incident response management 

ICT services are resilient in the event of disaster and can be recovered within timescales agreed with senior management.  

ICT (information and communication technology) continuity management  

Plans, defined roles, training, communications and management oversight for quickly discovering an incident and effectively containing the damage, eradicating the threat, and restoring the integrity of affected network and systems. There are agreed thresholds and timescales for recovering ICT functions following an incident. 

Business continuity management 

Measures for identifying the risk of exposure to internal and external threats, and for dealing with major disruptions like cyber attacks, floods and supply failures.  

Information sharing and collaboration 

Threat and vulnerability information is shared among suppliers, partners, industry bodies and authorities to enhance the collective ability to proactively detect, prevent, mitigate, respond to and recover from cyber security incidents. 

Framework 4: Govern and assure

top
Protect your
business
this winter