IT Service Management teams must play a key role in cyber resilience, according to new AXELOS white paper
Organizations can be more effective in preventing and responding to cyber-attacks by ensuring effective collaboration between those responsible for cyber resilience and IT Service Management (ITSM) teams, according to a new white paper by AXELOS Global Best Practice.
Despite the numerous overlaps between cyber resilience and ITSM, many organizations manage them in independent silos, which results in unhelpful conflicts, according to white paper author Stuart Rance.
“Among the areas of significant overlap are business continuity management and incident management,” explained Stuart, who provides ITSM and information security management services to clients across the world. “In each of these areas it is essential that cyber resilience and ITSM work together to provide value to the business. If they are managed separately then this can lead to wasted resources, conflicting requirements and ultimately successful cyber-attacks.”
In the white paper – Cyber resilience and ITSM: working together to secure the information your business relies on – Stuart argues that there needs to be real collaboration between cyber resilience and ITSM to ensure risks are properly managed.
He said: “As part of a collaborative approach to cyber resilience and ITSM, it is possible to design tools and processes that cut across organizational silos and deliver real value by helping to ensure that the organization gets the greatest possible benefit from the information it owns.”
Stuart offers five tips to help ensure an organization is getting the best possible value from cyber resilience and ITSM:
- Learn about sources of best practice for cyber resilience and ITSM: go out and learn about existing, proven best practices and standards – you don’t need to start from a blank piece of paper;
- Ensure your management system covers the whole of the service lifecycle: don’t forget about areas of the lifecycle which may be more abstract or require more thought, such as effective governance or continual improvement;
- Design integrated processes that support both cyber resilience and ITSM: avoid multiple processes that do the same thing in areas like incident management, continuity management, change management and asset management;
- Define integrated end-to-end metrics that are focused on the needs of your customers: separate metrics for cyber resilience and ITSM can encourage behaviours which are not joined up;
- Encourage collaboration between your cyber resilience and ITSM people: ensure true collaboration by defining integrated processes and metrics as part of a holistic management system that meets all your needs across the whole cyber resilience lifecycle.
Nick Wilding, AXELOS Head of Cyber Resilience, said: “Effective cyber resilience must focus on aligning strategic priorities, service management tools, operational systems and architectures with ongoing training and involvement of all employees. Organizations which encourage greater collaboration between their cyber resilience and ITSM teams have a greater chance of recognizing, responding to and recovering from cyber-attacks effectively.”
AXELOS has recently launched a new Cyber Resilience Best Practice portfolio – RESILIA™ - which is aimed at putting employees at the centre of an organization’s cyber resilience strategy. It includes a Best Practice Guide aligned with ITIL®, the most widely adopted service management framework used by thousands of organizations worldwide.
Nick added: “Organizations already using ITIL for service management will find that cyber resilience can easily be integrated into this existing management systems, with cyber resilience controls and management becoming an extension of existing business-as-usual processes.”
Read the full white paper, Cyber resilience and ITSM: working together to secure the information your business relies on.
Latest News from
Creating specialist skills in the service management office20/12/2021 13:20:00
Blog posted by: Kirandeep Singh Kalra – Continual Service Improvement (CSI) Lead, 17 December 2021.
Organizational Change Management (OCM) – a tool for service managers16/12/2021 13:20:00
Blog posted by: Kevin Jones, Senior Advisor, Beyond20, 14 December 2021.
Service management now and in 2022: training and adapting to change07/12/2021 13:20:00
Blog posted by: Adam McCullough, Principal ITSM Architect, 07 December 2021.
Upskilling in projects and programmes the virtual way02/12/2021 13:20:00
Blog posted by: David Smallwood – Director, e-careers, 01 December 2021.
Service management now and in 2022: making digital transformation work01/12/2021 13:20:00
Blog posted by: Sophie Hussey, Head of Service Management, Lowell, November 30, 2021.
Service management now and in 2022: fewer baby steps to transformation30/11/2021 10:20:00
Blog posted by: Chris Gallacher – principal consultant, Forrester Research and contributing author to ITIL 4 Digital and IT Strategy, 26 November 2021.
Project and programme management now and in 2022: a resilient approach29/11/2021 13:20:00
Blog posted by: Martin Stretton, Transformation Programme Director, NFER, 25 November 2021.
Service management now and in 2022: switching on the lightbulb25/11/2021 13:20:00
Blog posted by: Jonathan Wafford, Global Service Delivery Lead, Capgemini Government Solutions, 23 November 2021.