This talk will focus on UCC’s changed approach to cyber risk management previously dominated by cyber security defence, now focused on organisational resilience. Amid an increase in cyber risk across all industries there has been an intense focus on cyber defence in recent years.  However, it has become clear that organisations are, at best, in a stalemate with malicious actors despite the significant investment in this area. The talk will show how UCC has analysed their cyber risk (impact v likelihood) and implemented a strategy with a renewed focus on impact reduction through the application of resilience theory principles in security programmes and tracking resilience as a key cyber metric.

Resilience theory argues that it's not the nature of adversity that is most important, but how we deal with it, and this approach to adversary offers insights that can be applied to the fields of cybersecurity and organisational resilience. By integrating resilience theory principles into IT security practices, organisations can enhance their ability to anticipate, withstand, and recover from cyber attacks. This talk will show how UCC has applied resilience theory principles in our cybersecurity strategy, scenario planning and business continuity planning. 

Click here for Part 1 of this Session