Advancing Cyber Resilience: Principles and Tools for Boards
A first-of-its-kind resource to support board of directors and CEO to take action on cybersecurity and cyber resilience strategy.
Cyber risk is a systemic challenge and cyber resilience a public good. Every organization acts as a steward of information they manage on behalf of others. And every organization contributes to the resilience of not just their immediate customers, partners and suppliers but also the overall shared digital environment.
In order to ensure security and resilience, organizations, both public and private, must develop the capabilities to ensure their own resilience through internal governance structures and behaviours as well as work with other organizations (enterprises, governments, and civil society) in order to ensure systemic security and resilience. The Forum has committed to support the development of cyber resilience governance capabilities at the enterprise and national level by creating tools, sharing best practices, and convening all stakeholders to effectively make decisions about their shared security responsibilities.
In 2018, the Forum will expand on these efforts in two ways:
Through a number of multistakeholder working groups the Forum community has already contributed substantially to this space. Some specific outputs have included:
- Advancing Cyber Resilience: a 2016 programme dedicated to empowering boards and executive teams with tools and practices to identify and manage the business risks emanating from cyber threats
- Beyond Cybersecurity: book reviewing primary research with over 200 organizations on ‘gamechanging’ actions for business and governments
- Towards the Quantification of Cyber Threats: innovative risk quantification model “Cyber Value-at-Risk” lays the foundation for consistent quantification within and across enterprises, potentially leading to further development of risk transfer/cyber insurance markets
- Risk and Responsibility in a Hyperconnected World: analysis of global macro impact (up to $3 trillion/5% global GDP by 2020), future scenarios and a shared Framework for Global Collaboration
- Development of Principles & Guidelines (100+ CEO/Minister/SG level signatories across 14 industries and 23 countries), including Cyber Risk Framework and Maturity Model, further expanded here
Cyber risk is a systemic challenge and cyber-resilience a public good. Leaders need tools and partnerships to respond to these challenges of digitalization.
The latest cyberattack, which led to outages across the US East Coast, should be a wake-up call regarding the dangers of an insecure IoT.
Dr Michelle Tuveson says we should pay attention to forecasters when it comes to cyber security risk.