Ten Commandments for a Cyber Resilience Strategy

“Know thyself”

The Ancient Greek aphorism “know thyself” (Greek: γνῶθι σεαυτόν, transliterated: gnōthi seauton; also … σαυτόν … sauton with the ε contracted) is one of the Delphic maxims and was inscribed in the pronaos (forecourt) of the Temple of Apollo at Delphi, according to the Greek writer Pausanias (10.24.1). The phrase was later expounded upon by the philosopher Socrates, who taught that:

The unexamined life is not worth living.

An unexamined business transformation strategy is not worth implementing. To facilitate and maintain the confidentiality, integrity, and availability of data and business operations, consider creating roadmaps for digital transformation and designing a reliable system in which your security strategy is part of your digital transformation strategy. People are an imperative part of the system.

In essence, automation should NEVER create a function. To preserve corporate identity and user/customer experience, automation must be driven by a clear functional need and relevant compliance knowledge. For automation (just a tool) to provide a global vision, monitoring, interoperability, traceability, orchestration and steering features, a NEW holistic and strategic vision is required.

Just as truly successful business decision making relies on a balance between deliberate and instinctive thinking, successful digital transformation relies on the interconnectedness and interdependence of state-of-the-art technologies.

In information and cyber security, it is crucial to identify adversaries, to find unknown security vulnerabilities, to reduce cyber risks and to envision the potential future threat landscape. To understand, develop and cultivate remarkable resilience is vital. Have an ever-evolving cyber resilience blueprint in place. Arm your business in the face of future cyber threats. Mind the systemic nature of the cyber threat landscape. ‘Know thyself’ to increase your cyber-resilience.

Strive to inform and educate. Education has always been a profit-enabler for individuals and the corporation. Education, both conception and delivery, must evolve quickly and radically to keep pace with digital transition. Education is a part of the digital equation.

Ten Commandments for Cyber Resilience Strategy

  • Align information and cyber security strategy with business digital transformation strategy.
  • Adopt a comprehensive cyber risk management attitude.
  • Identify the most critical information and assets.
  • Find and manage vulnerabilities.
  • Reduce cyber risks in projects and production.
  • Optimize strategically chosen systems reliability.
  • Evolve your security to a prevention-based strategic architecture.
  • Pledge to employ state-of-the-art digital and defence solutions.
  • Regularly instruct your teams to empower and strengthen their resilience.
  • Scale your success by sharing the knowledge and intelligence.

About the Authors

Stéphane Nappo has been Global Head Information Security for Société Générale International Banking & Financial Services since 2011. Present in 67 countries, this business unit employs over 71,000 people and has 30 million clients distributed within 40 autonomous banks and 90 entities all delivering financial services.

Stéphane implements conventional risk management methods with a systemic and pragmatic approach to complex problems based on extensive training and expertise in banking, telecom, business administration, and law. World traveller, Stéphane Nappo operates in Russia, Central Europe, and Africa.

Ludmila Morozova-Buss, Cybersecurity Researcher & Social Media Influencer. Berlin, Germany. An acknowledged multi-lingual, multi-cultural thought leader, Ludmila Morozova-Buss established her foundational economics, finance, and business strategy knowledge and experience through myriad assignments in the United States and Asia as well as in Europe.