This website uses cookies. View our cookie policy
Select regional store:

What is Cyber Resilience?

Cyber resilience is the ability to repel cyber attacks while protecting critical business assets, rapidly adapting and responding to business disruptions and maintaining continuous business operations. The idea of cyber resilience is underpinned by the concepts of information security (represented by ISO 27001), and business continuity (as covered by ISO 22031).

How to achieve cyber resilience

Cyber resilience is an essential requirement for the survival and growth of all private- and public-sector organisations worldwide. With a growing dependency on Internet services to provide a platform for communications and software applications, all organisations face significant and constant risks from the threats of cyber attack.

Effective cyber resilience depends on coordinated, integrated preparations for rebuffing, responding to and recovering from a wide range of possible attacks and disruptive events.

The following two international Standards provide the main guidance you need:

  • ISO27001, which details the implementation of an information security management system (ISMS); and
  • ISO22301, which details the implementation of a business continuity management system (BCMS).


IT Governance has outlined a 7-Step guide to the development of an effective cyber resilience strategy

  1. Perform an integrated risk assessment and business impact analysis
  2. Secure the cyber perimeter (fixed, mobile, digital, physical)
  3. Implement effective security controls
  4. Implement and integrate a cyber resilience management system based on ISO 27001 and ISO 22301
  5. Train all staff in the relevant skills, competence and awareness
  6. Develop and test an incident response and escalation plan
  7. Comprehensively test recovery time objective (RTO) capability

Find out more about cyber resilience:


BUY >>