A concise introduction to the NIS Directive - A pocket guide for digital service providers by Alan Calder

CHAPTER 4: IMPLEMENTING CYBER RESILIENCE

Cyber resilience is a blend of cyber security, incident response and business continuity. An effective cyber resilience framework can protect an organisation from the majority of attacks and incidents, while also maximising its durability when an incident does occur. The principle behind cyber resilience is that an organisation can do a great deal to prevent incidents or mitigate their impact, but incidents remain inevitable. This is one good reason for the Implementing Regulation to mandate business continuity, which defines it as “the capability of an organisation to maintain or as appropriate restore the delivery of services at acceptable predefined levels following a disruptive incident” (Article 3). ...