Measuring cyber resilience & your human firewall

cyber security graphic layered on top of image of office workers walking

Safeguarding your organisation against cyber threats has become increasingly vital, and assessing where you are currently in your cyber resilience journey is a fundamental step in understanding how best to protect your organisation moving forward.

What is cyber resilience?

Cyber resilience is exactly what it sounds like – your resilience against cyber threats. It describes your ability as a business to prepare, protect and recover from cyber-attacks. An organisation that has high levels of cyber resiliency is able to adapt in reaction to various cyber threats, from data breaches to phishing.

Prevention is an important part of cyber resilience, but also knowing how to react in the case of an attack is vital. To put it simply, reliance on prevention is simply not enough anymore, and understanding how to be resilient as a business is key.

Why is cyber resilience important?

In 2021, 65% of medium sized businesses in the UK experienced a cyber-attack. Cybercrime is growing at alarming rates and is becoming hugely damaging to organisations across the world. Cybersecurity measures have had to continually expand in order to respond to the ever-growing challenges posed by cybercriminals.

A good level of cyber resilience allows organisations to strengthen every part of their business, approaching cybersecurity holistically, responding to the modern challenges cybercrime poses.

Strengthening your human firewall as part of cyber resilience

team members working at desktop

With cybersecurity measures becoming an increasing priority for many, you may feel you’ve done all you can to secure your organisation. But the truth is that whilst your cybersecurity policies may be written in staff handbooks, it mustn’t be assumed that all rules are being followed.

Every human with access to your network is a potential vulnerability to your security, and human error can lead to disastrous consequences. Strengthening your human firewall is the best way to protect against this. Whether it’s enforcing frequent password changes or training staff regularly on cybersecurity awareness, a human firewall will reinforce the strength of an organisation’s security measures.

Learn more about human firewalls from ramsac’s Managing Director, Rob May’s TEDx Talk:

How to measure your cyber resilience & your human firewall

In order to strengthen your human firewall – and indeed your cyber resilience – you must first assess it.

Cyber Resilience Certification enables businesses to measure their current level of cyber resilience effectively. At ramsac, we measure resilience levels using a tiered system after providing a full IT estate audit. These are the broad requirements we look for:

Meeting the Bronze tier of Cyber Resilience

CRC Bronze badge small

The most basic level of certification requires a minimum level of good practice, and provides a good foundation for organisations to build their security on. To meet this level, an organisation would need:

  • Enterprise-grade anti-virus
  • Encryption attack protection
  • Enterprise-grade firewall at company sites
  • Air-gapped backup for servers/storage and 365 accounts
  • Appropriate patching schedule
  • Server room security
  • Multi Factor Authentication
  • Cybersecurity training for new starters
  • Documented IT security policies

Meeting the Silver tier of Cyber Resilience

CRC Silver badge small

This tier represents great cyber resilience, and that methods in place are protecting both data and end users. This may include business continuity plans in the event of a breach, enhanced cyber threat protection software, cybersecurity training, and phishing testing. To meet this level, an organisation would need to meet the bronze tier requirements and:

  • Advanced cyber threat protection software
  • Enhanced web and spam filtering
  • Mobile Device Management
  • Third party password manager
  • Ongoing cybersecurity training and phishing testing
  • Documented breach response plan
  • Documented business continuity plan

Meeting the Gold tier of Cyber Resilience

CRC Gold badge small

The highest level of certification available demonstrates that a business is following the best of cybersecurity practices. This requires an extremely high standard of cybersecurity, ensuring that all angles have been covered from the bottom to the very top of a business. This includes third party penetration testing, a software management strategy, and enhanced security monitoring to name a few. To meet this level, an organisation would need to meet bronze and silver tier requirements and:

  • Third party penetration testing
  • Software management strategy
  • C-suite cyber training and planned testing exercise
  • Enhanced security monitoring and response

The benefits of measuring cyber resilience

By conducting an in-depth audit of the IT estate of any organisation, security weaknesses can be identified. Assessing these cyber risks provides the opportunity to see gaps within the cybersecurity of a business or organisation, allowing for necessary changes to be made. This comes with many benefits.

Measuring cyber resilience with a tiered system allows people to not only aim for, but to achieve a high standard of cybersecurity. If organisations understand exactly what it is they need to change in order to be more cybersecure, these become tangible tasks that they can complete, making effective changes. This allows businesses to achieve impressive levels of cybersecurity that is above and beyond the minimum requirements.

Certifying cyber resilience also allows organisations to feel in control of their cybersecurity. Equipping people with the knowledge of where their business is doing well, or where their business is lacking, enables those who can make real changes feel empowered to do so. It also reassures clients and stakeholders that the security of their data is being taken seriously.

Secure your business with Cyber Resilience Certification from ramsac today

Whether you’re at the beginning of your cyber resilience journey or ahead of the curve, ramsac are here to help. Get in touch today to secure your Cyber Resilience Certification or download our factsheet.

Related Posts

  • Understanding the dangers of ‘Permission Creep’

    Understanding the dangers of ‘Permission Creep’


    This blog post explains what permission creep is, how it can expose sensitive data to unauthorised users, and what steps an organisation can take to prevent permission creep. [...]

    Read article

  • Using cybersecurity training to reduce an organisation’s risk of a cyberattack.

    Using cybersecurity training to reduce an organisation’s risk of a cyberattack.


    Cybersecurity training is an important tool for organisations to prevent and mitigate cyberattacks, we explore the types of training available to organisations. [...]

    Read article

  • The risks of ChatGPT, and the Rise of AI.

    The risks of ChatGPT, and the Rise of AI.


    Artificial intelligence (AI) is a game-changing technology in this blog we explore the risks and benefits of using AI-powered language models such as ChatGPT [...]

    Read article

  • How secure is MFA based on SMS and Voice calls?

    How secure is MFA based on SMS and Voice calls?


    In this blog ramsac's cybersecurity expert Voke Augoye explores how secure Multi-factor authentication is when using SMS and voice calls. [...]

    Read article

  • Microsoft Office – High Severity Vulnerability

    Microsoft Office – High Severity Vulnerability


    Earlier this month Microsoft announced there was a High Severity vulnerability affecting Microsoft Office products. In this blog we explain what the vulnerability is and how to protect against it. [...]

    Read article

  • EDR, MDR, XDR, SIEM, SOC – understanding the jargon in cybersecurity monitoring

    EDR, MDR, XDR, SIEM, SOC – understanding the jargon in cybersecurity monitoring


    The cybersecurity product market is full of acronyms which can make it hard to determine what security monitoring services you need, and what benefits you get from them, this [...]

    Read article