The third element of IT Governance’s Cyber Resilience Framework addresses the need to manage incidents quickly and effectively to limit harm and return to full functionality.
It should cover:
Incident response management
ICT services are resilient in the event of disaster and can be recovered within timescales agreed with senior management.
ICT (information and communication technology) continuity management
Plans, defined roles, training, communications, and management oversight for quickly discovering an incident and effectively containing the damage, eradicating the threat, and restoring the integrity of affected network and systems. There are agreed thresholds and timescales for recovering ICT functions following an incident.
Business continuity management
Measures for identifying the risk of exposure to internal and external threats, and for dealing with major disruptions like cyber attacks, floods and supply failures.
Information sharing and collaboration
Threat and vulnerability information is shared among suppliers, partners, industry bodies, and authorities to enhance the collective ability to proactively detect, prevent, mitigate, respond to, and recover from cybersecurity incidents.
The extent to which you implement these measures will depend on your own environment and compliance requirements.