The best corrective strategy would be to:
1. Start an Incident investigation (following standard process flow until resolved)
2. Ensure its linked to your Problem, Knowledge (KEDB), Change and Release management
3. Enact the Stakeholder Categorization, Communication plan and Information classification
4. The communication plan would determine who to notify of the incident, based on their stakeholder categorization.
5. Identify who is to be informed and what amount of information is shared with that stakeholder
6. Implement change (if required), release, test/validate, recover from the incident
7. Repeat steps three and four
This response is at a very high level, but clearly shows the approach of RESILIA and how it integrates with ITIL.
Cyber resilience demands a “whole system” view (technology and people) and has to be part of your organisational culture. People’s behaviour is the cause of most vulnerabilities (95% of cyber-attacks succeed because of the unwitting actions of a member of staff).
If your people aren’t trained with Cyber Resilience in mind, your business will be at a major disadvantage.
Using RESILIA is equivalent to a flu shot for your business!
Scott Tunn
Scott is an experienced consultant, trainer, author, designer and architect of ITSM/Cyber Security and business solutions. Scott holds numerous degrees in business and Best Practice management. He contributes to global solutions that allow individuals and companies to work smarter and faster. He is up-to-date with the latest technical developments and implementations within Cyber Security.
We have set up additional resources if you’d like to test your knowledge on Cyber Resilience, and as well as a video webinar of this article. Please visit
RESILIA™ is a trade mark of AXELOS Limited. All rights reserved.