Cyber Resilience

Tiny cifi5iv5e5z95eshs4aoaf2wjubrzykwyf6yurd8jii

Cyber risk is a systemic challenge and cyber resilience a public good. Every organization acts as a steward of information they manage on behalf of others. And every organization contributes to the resilience of not just their immediate customers, partners and suppliers but also the overall shared digital environment. 

In order to ensure security and resilience, organizations, both public and private, must develop the capabilities to ensure their own resilience through internal governance structures and behaviours as well as work with other organizations (enterprises, governments, and civil society) in order to ensure systemic security and resilience.

Background

Through a number of multistakeholder working groups the Forum community has already contributed substantially to this space. Some specific outputs have included:



  • Advancing Cyber Resilience: a 2016 programme dedicated to empowering boards and executive teams with tools and practices to identify and manage the business risks emanating from cyber threats


  • Beyond Cybersecurity: book reviewing primary research with over 200 organizations on ‘gamechanging’ actions for business and governments


  • Towards the Quantification of Cyber Threats: innovative risk quantification model “Cyber Value-at-Risk” lays the foundation for consistent quantification within and across enterprises, potentially leading to further development of risk transfer/cyber insurance markets


  • Risk and Responsibility in a Hyperconnected World: analysis of global macro impact (up to $3 trillion/5% global GDP by 2020), future scenarios and a shared Framework for Global Collaboration

  • Development of Principles & Guidelines (100+ CEO/Minister/SG level signatories across 14 industries and 23 countries), including Cyber Risk Framework and Maturity Model, further expanded here