2. AXELOS Global Best Practices
• AXELOS is a joint venture company, between
UK Government (Cabinet Office) and Capita plc
(a FTSE 100 organization) set up to nurture
and expand upon a portfolio of global best
practice frameworks and methodologies.
• The AXELOS global best practice portfolio
includes ITIL®, the de facto global best practice
for IT Service Management, RESILIA™, the
global best practice for business cyber
resilience, and PRINCE2®, the global
methodology for effective Project Management.
3. What is Effective Cyber Resilience?
Balancing the opportunities and risks of
operating in the digital age
“...the ability to resist, respond, and recover
from incidents impacting the information and
systems required to run your business.”
4. What is RESILIA?
• RESILIA best practices help companies prevent detect and
recover from cyber attacks faster by enabling a proactive, balanced
and collaborative approach to identifying and managing cyber risk
and recovery across an enterprise and its supply chain
• RESILIA’s uses ITIL’s® continual service improvement lifecycle to
adopt, adapt and manage the risk and recovery improvements
identified from a NIST or other cyber security assessment
• RESILIA ‘s portfolio includes a best practice guide, consulting,
services, certified training, stakeholder & supply trainings,
leadership training, continuing education trainings, information
sharing communities and a management pathway tool
5. Best Practice Guide
Core practical guidance for strategy,
implementation and management or
effective cyber resilience
Individual Awareness
Learning & Know-how
All staff across an organization
IT and Security teams and
Heads of Activities
Membership
& CPD
Foundation and Practitioner
community
Leadership
Engagement
All leadership teams
across an organization
Pathway Tool
IT, Security and Risk
decision makers
Foundation
& Practitioner
Training
The RESILIA Portfolio
6. Best Practice Guide
• The guide was developed by experts with hands-on cyber and
service management experience working closely with thought
leaders in cybersecurity assessment and improvement
• This guide supports the best practice construct where training
and certification are available to train people using a defined
benchmark for cyber resilience knowledge and skills.
• The guide provides information on how to use ITIL® and other
service management system to adopt and adapt the incremental
improvements identified by NIST and other cybersecurity
frameworks.
7. Certification Training Programs
• RESILIA Foundation level is a three-day/20-hour course which
helps individuals understand how operational decisions can have
an impact on effective cyber resilience.
• RESILIA Practitioner level is a two-day/15-hour course which
equips individuals with the skills to adopt and adapt RESILIA
best practices across an enterprise
• RESILIA certification programs can be taken in an instructor led
classroom, virtual classroom, blended classroom or as a self-
paced video training program.
8. Stakeholder/Partner Awareness Programs
• Awareness Learning programs help employees and supply chain
partners understand what cyber attacks are and what they can
do to help prevent these attacks.
• Awareness modules go to the heart of cyber resilience, giving all
staff the knowledge, skills and confidence they need to embed
cyber resiliency into their day-to-day behaviors.
• Modules include: phishing, social engineering, online safety,
social media, BYOD, removable media, password safety,
personal information, information handling and remote and
mobile working
9. Pathway Tool
• Straightforward, high-level and repeatable
method to assess and benchmark your
cyber maturity.
• The Pathway tool allows you to:
o Review and explore the RESILIA Best
Practice
o Assess your cyber resilience posture or
people/process/technology controls
already in place and identify critical
gaps
o Define the necessary critical
improvements on a roadmap to your
desired level of cyber resilience
maturity
10. Leadership Training Programs
• Innovative and compelling awareness products tools and
guidance specifically designed to increase understanding, insight
and action in the boardroom.
These include:
o Professional development and learning for executive and non-
executive directors
o Cyber boardroom simulations
o Cyber resilience risk management training for senior risk management
decision makers
11. Professional Development Program
AXELOS Professional Development Program (PDP) essential
tools and training programs to help individuals plan their career,
develop their skills and increase their value to their employers
The AXELOS’ PDP portfolio is designed to help practitioners
improve their overall skills within the best practice industry while
enabling organizations to protect their investment in Axelos and
other global best practices
12. The Community
Building the RESILIA best practice
community:
• Effective cyber resilience
involves a multi-disciplinary
approach with an organization
encompassing people, process
and technology.
• The RESILIA community will
bring together practitioners,
decision makers and leaders
across a range of core
functions.
13. Summary
• RESILIA best practices help companies prevent detect and
recover from cyber attacks faster by enabling a proactive,
balanced and collaborative approach to identifying and managing
cyber risk and recovery across an enterprise and its supply chain
• RESILIA’s uses ITIL’s® continual service improvement lifecycle to
adopt, adapt and manage the risk and recovery improvements
identified from a NIST or other cyber security assessment
• RESILIA ‘s portfolio includes a best practice guide, consulting,
services, certified training, stakeholder & supply trainings,
leadership training, continuing education trainings, information
sharing communities and a management pathway tool
Editor's Notes
1
3
ber
Effective cyber resilience is a continuous journey. It demands constant vigilance about the changing risks for your organization and its vulnerabilities. The RESILIA Pathway tool will help you maintain that vigilance. It offers a simple, straightforward and repeatable method to assess the maturity of your cyber resilience and map optimal routes forward, as well as simplifying reporting to board and executive management teams.
The RESILIA Pathway tool allows you to:
Review and explore the RESILIA best practice guidance and understand how its’ processes and security controls apply to your organization through the five stages of the cyber resilience lifecycle: Strategy, Design, Transition, Operation and Continual Improvement.
Assess and evaluate your cyber resilience controls and processes already in place against a set of 30 competence statements. With your cyber resilience maturity determined you can then identify more clearly the critical gaps in your people, processes and technology.
Define the necessary critical improvements on a roadmap to your desired level of cyber resilience maturity.
Over the coming months we will be building our RESILIA community – groups of different stakeholders and practitioners who are passionate about cyber resilience. We look forward to keeping you up to date with developments as we develop cyber resilience best practice debate and collaboration around the world.
I’d like to close by saying that information lies at the heart of any organization, a critical enabler of value, innovation and growth. This information has never been at greater risk from cyber-attack, threatening reputation, customer trust and operational stability. Cyber resilience is about resisting, responding and recovering from attacks that will impact the information you require to do business. It requires a balanced and collaborative approach across the entire organization – embedding awareness, insight and skills that will make you more effective in keeping your critical information safe.
And it’s your people who represent your most effective safeguard, alarm signal and source of effective action.
Thank you
I’d now like to invite our speakers back onto the stage together with another colleague of mine – Mark Logsdon, who was the Director of Information Risk Management at Barclays. This is the Open Floor/Q&A session so I would welcome your own experiences and comments, challenges, war stories and questions.
(At end of Open Floor/Q&A session)
Thank you - that brings us to the end of the formal proceeedings for this afternoon. – I’d like to express a big thank you to all our speakers this afternoon and to you all of you for your interest and comments. I hope you’ve enjoyed it – we are considering hosting similar events every year so we would welcome your feedback and ideas following todays’ event.
We now have our Networking drinks reception and I would please urge all of you to come and join us at the Showcase areas at the back of the room where we would be delighted to show you more about each element of the RESILIA portfolio.