WEF introduces cyber resilience framework; index to increase organisational security
The World Economic Forum released a cyber security framework and suggestions for enhancing cyber resilience
By Shashank Bhardwaj
The World Economic Forum (WEF) introduced its Cyber Resilience Framework (CRF) and Cyber Resilience Index (CRI) in a whitepaper on cyber resilience released on Thursday. The report was written in partnership with the professional services firm Accenture. It comes after the Global Cybersecurity Outlook, which WEF released in January.
According to the Global Cybersecurity Outlook, only 55 percent of cyber leaders believed that company risk-management plans should incorporate cyber resilience. After considering current frameworks, the industry-neutral CRF developed six principles with corresponding best practices and sub-practices. Sixty-four performance measures were then offered under the CRI.
Algirde Pipikaite, lead at WEF Centre for Cybersecurity, has stated, "The working group to develop the CRI brought [together] more than 50 executives from [the] public and private sector and worked for a year." She also highlighted, "We hosted eight workshops, one-on-one consultations and gathered written feedback from the community."
The Fourth Industrial Revolution, as WEF founder Klaus Schwab calls the changes brought about by emerging technological breakthroughs, was highlighted in the white paper as having interdependent risk. It read:
"The Fourth Industrial Revolution means that systemic interdependence is both the risk and the reward of the opportunity, because value and impact on the future are exponential rather than cumulative, and every day counts." By 2025, the Fourth Industrial Revolution is expected to add $100 trillion to the global economy, according to the WEF estimates.
"We envision that the CRI will become widely accepted by the industry, and the first pilot is currently running with the Oil & Gas community," remarked Pipikaite. The paper concludes affirmatively by specifying work to be done in the future. As the CRI continues to scale and improve, much work is also needed to measure cyber resilience at the ecosystem level.
Among other factors, the WEF whitepaper mentioned three specific factors as prominent, namely:
- Establishing common indicators of eco-systemic cyber-resilience performance,
- Measuring the causation and correlation of resilience among multiple members of an ecosystem and between ecosystems across geographies and sectors.
- And calculate centrality to determine if and how members of an ecosystem carry greater weight and subsequently have more power than others to influence the resilience of the whole ecosystem positively and negatively."
Other institutions, such as the Atlantic Council and the International Monetary Fund, have also addressed resilience issues.
Shashank is the founder of yMedia. He ventured into crypto in 2013 and is an ETH maximalist. Twitter: @bhardwajshash