Setting Up An Operational Resilience Framework

Uploaded on 2023-07-26 in TECHNOLOGY--Resilience, FREE TO VIEW

You are in charge of disaster response and recovery at your organization and you have just been hit with a wiperware attack. Your team has executed its playbook to retrieve data from your back-up files.  However, all of your organization’s systems, applications, networks, and devices are inaccessible.

You quickly realize that by following traditional disaster recovery practices you have focused almost exclusively on data recovery, with little regard for providing critical services to customers as you work to recover fully from this crisis.

This is the nightmare that many enterprises have faced when they have become victims of a destructive attack.  

Today’s cyberthreat landscape illustrates the need for enterprises to not just have back-ups of user and business data, but to also have immutable and distributed backups of applications, systems, networks, processes and other critical services to enable swift recovery of operations. It has become clear that just having good back-ups of data is an inadequate business response.   

Without the ability to quickly restore minimal viable service levels with accurate data and restoration of critical applications, networks, devices and systems architecture, organizations are at high risk of extending disruption from attacks. Executive management, shareholders, customers and then journalists will ask legitimate questions regarding how quickly minimal service levels can be restored. How have you prepared for this type of attack? 

Three years ago, Global Resilience Federation’s Business Resilience Council (BRC) launched a multi-sector working group to establish a framework to address all aspects of data, systems, and processes recovery from a destructive attack. The ORF’s multi-sector volunteer team of experts included security and resilience practitioners and consultants from many industry sectors. The working group spent over two years to develop the Operational Resilience Framework (ORF) which was then reviewed by over a hundred organization before version 1.0 was released (www.grf.org/orf). 

The ORF provides rules and implementation aids that support a company’s recovery of data, systems and processes based on establishment of minimum viable services levels and objectives for immutable backup and recovery. The ORF is a vendor agnostic solution and establishes a set of rules that are uniquely not prescriptive with a goal of reaching a goal of operational resilience for the enterprise that is consistent with existing standards.

 A summary of the path towards operational resilience identified by the ORF include:

  1. Implement an industry-recognized standard IT and cybersecurity controls framework.
  2. Understand the organization’s role in the ecosystem. 
  3. Conduct an inventory and allocate business processes, systems, and data sets into three categories- Operations Critical, Business Critical, and Business as Usual.
  4. Define your organization’s impact tolerance for disruptions to each Operations Critical service. 
  5. Preserve the Data Sets necessary to support Operations Critical and Business Critical services.
  6. Develop Operations Resilience processes to enable recovery and restoration of Operations Critical and Business Critical services within acceptable impact tolerances.
  7. Independently evaluate design and test periodically.

The ORF is designed to be broadly applicable, with downloadable documents including:  

  • Rules targeted to practitioners with information on the steps, terminology, implementation aids, and future activities.
  • A mapping of the rules to NIST and ISO controls.
  • A glossary document with defined key terms.
  • A business-oriented implementation scenario to explain use cases in the form of a plausible incident.

In the face of a destructive cyberattack or massive natural disaster, enterprises must plan to mitigate the impact based on pre-established minimal viable service levels and objectives. Don’t be unprepared.

The ORF working group is now working on various ORF implementation tools including a maturity model, training programs and operational resilience exercises for multiple sectors. Visit www.grf.org/orf to download the complimentary documents to enhance your organization’s resilience against destructive events and maintain operational continuity.  

Bill Nelson is Chair at the Global Resilience Federation

You Might Also Read:

Zero Trust: A Paradigm Shift in Cybersecurity:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Hollywood Stars Strike Over AI Human Replacements
WEBINAR | Uplevel Your Cloud Security Posture With CSPM »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

mile2

mile2

Mile2 develop and deliver proprietary vendor neutral professional certifications for the cyber security industry.

F-Secure

F-Secure

F-Secure defends enterprises and consumers against everything from opportunistic ransomware infections to advanced cyber attacks.

Aqua Security Software

Aqua Security Software

Aqua Security helps enterprises secure their cloud native applications from development to production, whether they run using containers, serverless, or virtual machines.

National Association of State Chief Information Officers (NASCIO)

National Association of State Chief Information Officers (NASCIO)

NASCIO's Cybersecurity Committee focuses helps state CIOs to formulate high-level security and data protection policies and technical controls.

EdgeWave

EdgeWave

EdgeWave provides simple but highly effective data security and advanced threat protection in solutions that are affordable, scalable and easy to use.

ReversingLabs

ReversingLabs

ReversingLabs develops cyber threat detection and mitigation tools that address the the latest directed attacks, advanced persistent threats and polymorphic malware.

NSHC

NSHC

NSHC is a provider of mobile security solutions, cyber security consulting and training, and offensive research.

Sistem Integra (SISB)

Sistem Integra (SISB)

SISB provide IT Security Infrastructure & Development, Mechanical & Electrical Services, Fire Safety & Detection Services, Facilities Management & Application Development.

CETIC

CETIC

CETIC is an applied research centre in the field of ICT. Key technologies include Big Data, Cloud Computing, the Internet of Things, software quality, and trust and security of IT systems.

Dutch Accreditation Council (RvA)

Dutch Accreditation Council (RvA)

RvA is the national accreditation body for the Netherlands. The directory of members provides details of organisations offering certification services for ISO 27001.

Critical Insight

Critical Insight

Critical Insight provide Managed Detection and Response, Vulnerability Detection, and Consulting Services to help you secure your mission-critical systems.

Wynyard Group

Wynyard Group

Wynyard Group is a niche, technology-driven company specializing in Integrated Border Security solutions for enhanced public safety.

Hong Kong Broadband Network (HKBN)

Hong Kong Broadband Network (HKBN)

HKBN are a leading integrated telecom and technology solutions provider that offers a comprehensive range of premier ICT services to both the enterprise and residential markets.

MLSecOps Community

MLSecOps Community

The MLSecOps Community is a collaborative space for machine learning security experts and industry leaders to connect and shape the future of AI/ML security.

Closed Door Security

Closed Door Security

Closed Door Security is the only cybersecurity team in the north of Scotland offering everything from IASME Certification to CREST-Accredited penetration testing.

Metrodata Group

Metrodata Group

PT. Metrodata Electronics, known as Metrodata Group, is the leading information communication technology company in Indonesia.