Setting Up An Operational Resilience Framework

You are in charge of disaster response and recovery at your organization and you have just been hit with a wiperware attack. Your team has executed its playbook to retrieve data from your back-up files.  However, all of your organization’s systems, applications, networks, and devices are inaccessible.

You quickly realize that by following traditional disaster recovery practices you have focused almost exclusively on data recovery, with little regard for providing critical services to customers as you work to recover fully from this crisis.

This is the nightmare that many enterprises have faced when they have become victims of a destructive attack.  

Today’s cyberthreat landscape illustrates the need for enterprises to not just have back-ups of user and business data, but to also have immutable and distributed backups of applications, systems, networks, processes and other critical services to enable swift recovery of operations. It has become clear that just having good back-ups of data is an inadequate business response.   

Without the ability to quickly restore minimal viable service levels with accurate data and restoration of critical applications, networks, devices and systems architecture, organizations are at high risk of extending disruption from attacks. Executive management, shareholders, customers and then journalists will ask legitimate questions regarding how quickly minimal service levels can be restored. How have you prepared for this type of attack? 

Three years ago, Global Resilience Federation’s Business Resilience Council (BRC) launched a multi-sector working group to establish a framework to address all aspects of data, systems, and processes recovery from a destructive attack. The ORF’s multi-sector volunteer team of experts included security and resilience practitioners and consultants from many industry sectors. The working group spent over two years to develop the Operational Resilience Framework (ORF) which was then reviewed by over a hundred organization before version 1.0 was released (www.grf.org/orf). 

The ORF provides rules and implementation aids that support a company’s recovery of data, systems and processes based on establishment of minimum viable services levels and objectives for immutable backup and recovery. The ORF is a vendor agnostic solution and establishes a set of rules that are uniquely not prescriptive with a goal of reaching a goal of operational resilience for the enterprise that is consistent with existing standards.

 A summary of the path towards operational resilience identified by the ORF include:

  1. Implement an industry-recognized standard IT and cybersecurity controls framework.
  2. Understand the organization’s role in the ecosystem. 
  3. Conduct an inventory and allocate business processes, systems, and data sets into three categories- Operations Critical, Business Critical, and Business as Usual.
  4. Define your organization’s impact tolerance for disruptions to each Operations Critical service. 
  5. Preserve the Data Sets necessary to support Operations Critical and Business Critical services.
  6. Develop Operations Resilience processes to enable recovery and restoration of Operations Critical and Business Critical services within acceptable impact tolerances.
  7. Independently evaluate design and test periodically.

The ORF is designed to be broadly applicable, with downloadable documents including:  

  • Rules targeted to practitioners with information on the steps, terminology, implementation aids, and future activities.
  • A mapping of the rules to NIST and ISO controls.
  • A glossary document with defined key terms.
  • A business-oriented implementation scenario to explain use cases in the form of a plausible incident.

In the face of a destructive cyberattack or massive natural disaster, enterprises must plan to mitigate the impact based on pre-established minimal viable service levels and objectives. Don’t be unprepared.

The ORF working group is now working on various ORF implementation tools including a maturity model, training programs and operational resilience exercises for multiple sectors. Visit www.grf.org/orf to download the complimentary documents to enhance your organization’s resilience against destructive events and maintain operational continuity.  

Bill Nelson is Chair at the Global Resilience Federation

You Might Also Read:

Zero Trust: A Paradigm Shift in Cybersecurity:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Hollywood Stars Strike Over AI Human Replacements
WEBINAR | Uplevel Your Cloud Security Posture With CSPM »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Malware.lu

Malware.lu

Malware.lu is a repository of malware and technical analysis. The goal of the project is to provide samples and technical analysis to security researchers.

Anomali

Anomali

Anomali delivers intelligence-driven cybersecurity solutions to enhance threat visibility, automate threat processing and detection, and accelerate threat investigation, response, and remediation.

CyberScout

CyberScout

Cyberscout delivers the latest cybersecurity education, protection and resolutions services. We also provide swift incident response services around the world.

Payatu

Payatu

Payatu Technologies is a security testing and services company specialized in Software, Application and Infrastructure security assessments and deep technical security training.

Balbix

Balbix

Balbix BreachControl™ is the industry’s first system to leverage specialized AI to provide comprehensive and continuous predictive assessment of breach risk.

Dual Layer IT Solutions

Dual Layer IT Solutions

Dual Layer offer a full range of IT Services and Solutions for businesses from IT infrastructure design to cloud/hosted solutions, cybersecurity, disaster recovery and IT training.

Bl4ckswan

Bl4ckswan

Bl4ckswan is a Management Consulting firm specialized in the delivery of information security and compliance services.

Security BSides

Security BSides

Security BSides is the first grass roots, DIY, open security conference in the world!. BSides is a community-driven framework for building events for and by information security community members.

24By7Security

24By7Security

24By7Security are Cybersecurity & Compliance Specialists with extensive hands on experience helping businesses build a defensive IT Infrastructure against all cyber security threats.

Parameter Security

Parameter Security

Parameter Security is a provider of ethical hacking and information security services.

IT Acceleration

IT Acceleration

IT Acceleration is a full-service IT management and support, IT compliance and Digital Forensics company.

Cranfield University

Cranfield University

Cranfield Defence and Security are at the forefront of their fields, offering capabilities ranging from cyber security and digital warfare to robotics, forensic sciences and simulation and analytics.

Truly Secure

Truly Secure

Truly Secure is an IT Service Provider that ensures greater efficiency and security within a company's technological environment.

Pillr

Pillr

Pillr is a cybersecurity operations platform capable of adapting to the demands of your business and team — and the global threat landscape.

Quarkslab

Quarkslab

Quarkslab is a dedicated team of cyber-security engineers and developers. We aim at forcing the attackers, not the defender, to adapt constantly.

Tryaq

Tryaq

Tryaq are a group of cybersecurity experts and enthusiasts who share the mission to make the world feel safer online.