Measuring cyber resilience & your human firewall

cyber security graphic layered on top of image of office workers walking

Safeguarding your organisation against cyber threats has become increasingly vital, and assessing where you are currently in your cyber resilience journey is a fundamental step in understanding how best to protect your organisation moving forward.

What is cyber resilience?

Cyber resilience is exactly what it sounds like – your resilience against cyber threats. It describes your ability as a business to prepare, protect and recover from cyber-attacks. An organisation that has high levels of cyber resiliency is able to adapt in reaction to various cyber threats, from data breaches to phishing.

Prevention is an important part of cyber resilience, but also knowing how to react in the case of an attack is vital. To put it simply, reliance on prevention is simply not enough anymore, and understanding how to be resilient as a business is key.

Why is cyber resilience important?

In 2021, 65% of medium sized businesses in the UK experienced a cyber-attack. Cybercrime is growing at alarming rates and is becoming hugely damaging to organisations across the world. Cybersecurity measures have had to continually expand in order to respond to the ever-growing challenges posed by cybercriminals.

A good level of cyber resilience allows organisations to strengthen every part of their business, approaching cybersecurity holistically, responding to the modern challenges cybercrime poses.

Strengthening your human firewall as part of cyber resilience

team members working at desktop

With cybersecurity measures becoming an increasing priority for many, you may feel you’ve done all you can to secure your organisation. But the truth is that whilst your cybersecurity policies may be written in staff handbooks, it mustn’t be assumed that all rules are being followed.

Every human with access to your network is a potential vulnerability to your security, and human error can lead to disastrous consequences. Strengthening your human firewall is the best way to protect against this. Whether it’s enforcing frequent password changes or training staff regularly on cybersecurity awareness, a human firewall will reinforce the strength of an organisation’s security measures.

Learn more about human firewalls from ramsac’s Managing Director, Rob May’s TEDx Talk:

How to measure your cyber resilience & your human firewall

In order to strengthen your human firewall – and indeed your cyber resilience – you must first assess it.

Cyber Resilience Certification enables businesses to measure their current level of cyber resilience effectively. At ramsac, we measure resilience levels using a tiered system after providing a full IT estate audit. These are the broad requirements we look for:

Meeting the Bronze tier of Cyber Resilience

CRC Bronze badge small

The most basic level of certification requires a minimum level of good practice, and provides a good foundation for organisations to build their security on. To meet this level, an organisation would need:

  • Enterprise-grade anti-virus
  • Encryption attack protection
  • Enterprise-grade firewall at company sites
  • Air-gapped backup for servers/storage and 365 accounts
  • Appropriate patching schedule
  • Server room security
  • Multi Factor Authentication
  • Cybersecurity training for new starters
  • Documented IT security policies

Meeting the Silver tier of Cyber Resilience

CRC Silver badge small

This tier represents great cyber resilience, and that methods in place are protecting both data and end users. This may include business continuity plans in the event of a breach, enhanced cyber threat protection software, cybersecurity training, and phishing testing. To meet this level, an organisation would need to meet the bronze tier requirements and:

  • Advanced cyber threat protection software
  • Enhanced web and spam filtering
  • Mobile Device Management
  • Third party password manager
  • Ongoing cybersecurity training and phishing testing
  • Documented breach response plan
  • Documented business continuity plan

Meeting the Gold tier of Cyber Resilience

CRC Gold badge small

The highest level of certification available demonstrates that a business is following the best of cybersecurity practices. This requires an extremely high standard of cybersecurity, ensuring that all angles have been covered from the bottom to the very top of a business. This includes third party penetration testing, a software management strategy, and enhanced security monitoring to name a few. To meet this level, an organisation would need to meet bronze and silver tier requirements and:

  • Third party penetration testing
  • Software management strategy
  • C-suite cyber training and planned testing exercise
  • Enhanced security monitoring and response

The benefits of measuring cyber resilience

By conducting an in-depth audit of the IT estate of any organisation, security weaknesses can be identified. Assessing these cyber risks provides the opportunity to see gaps within the cybersecurity of a business or organisation, allowing for necessary changes to be made. This comes with many benefits.

Measuring cyber resilience with a tiered system allows people to not only aim for, but to achieve a high standard of cybersecurity. If organisations understand exactly what it is they need to change in order to be more cybersecure, these become tangible tasks that they can complete, making effective changes. This allows businesses to achieve impressive levels of cybersecurity that is above and beyond the minimum requirements.

Certifying cyber resilience also allows organisations to feel in control of their cybersecurity. Equipping people with the knowledge of where their business is doing well, or where their business is lacking, enables those who can make real changes feel empowered to do so. It also reassures clients and stakeholders that the security of their data is being taken seriously.

Secure your business with Cyber Resilience Certification from ramsac today

Whether you’re at the beginning of your cyber resilience journey or ahead of the curve, ramsac are here to help. Get in touch today to secure your Cyber Resilience Certification or download our factsheet.

Related Posts

  • Celebrating Cybersecurity Awareness Month

    Celebrating Cybersecurity Awareness Month

    Cybersecurity

    October is Cybersecurity awareness month, follow us on LinkedIn or Twitter for daily tips on how you can protect your organisation against Cybercrime. [...]

    Read article

  • How cybercrime costs the UK economy nearly £27B every year

    How cybercrime costs the UK economy nearly £27B every year

    Cybersecurity

    Cybercrime costs claims nearly £27 billion of the UK economy almost every year. Cybercrime has only become more common, affecting many industries. Read more. [...]

    Read article

  • What is Zero Trust security and where should you start?

    What is Zero Trust security and where should you start?

    Cybersecurity

    Zero Trust security removes assumptions about trusting a user, even when they're inside your network. This means users and devices must be verified. Read here. [...]

    Read article

  • Why are charities increasingly being attacked by cyber criminals? 

    Why are charities increasingly being attacked by cyber criminals? 

    Cybersecurity

    More than a quarter of charities were reportedly the target of cybercrimes in the last year alone. But why are charities increasingly the victims of cyberattacks? Find out here… [...]

    Read article

  • Introducing the Cyber Resilience Certification from ramsac

    Introducing the Cyber Resilience Certification from ramsac

    Cybersecurity

    ramsac is committed to helping organisations to protect themselves against cybercrime, to help organisations understand where they are on their cyber resilience journey, we have created the ramsac cyber [...]

    Read article

  • How aware are you when it comes to social engineering?

    How aware are you when it comes to social engineering?

    Cybersecurity

    Cybercrime is huge; indeed, no other criminal activity is quite so lucrative, thus it is imperative that you prepare and protect both your business and your personal life to [...]

    Read article