WEF introduces cyber resilience framework, index to increase organizational security
The World Economic Forum (WEF) released a white paper on cyber resilience Thursday in which it introduces the organization’s Cyber Resilience Framework (CRF) and Cyber Resilience Index (CRI). The document, prepared in collaboration with professional services company Accenture, followed the WEF’s Global Cybersecurity Outlook, published in January.
The Global Cybersecurity Outlook found that only 55% of cyber leaders considered cyber resilience to be integrated into enterprise risk-management strategies. In response, the industry-agnostic CRF considered existing frameworks to establish six principles with associated best practices and sub-practices. Those, in turn, provided 64 performance measures that inform the CRI.
“The working group to develop the CRI brought [together] more than 50 executives from [the] public and private sector and worked for a year,” WEF Centre for Cybersecurity lead Algirde Pipikaite told Cointelegraph by email. “We hosted eight workshops, one-on-one consultations and gathered written feedback from the community.”
Related: Chainalysis launches reporting service for businesses targeted in crypto-related cyberattacks
The white paper stressed the interdependence of risk in the Fourth Industrial Revolution — the designation given by WEF founder Klaus Schwab to the changes being brought about by emerging technological advancements. It stated:
“The Fourth Industrial Revolution means that systemic interdependence is both the risk and the reward of the opportunity, because value and impact on the future are exponential rather than cumulative, and every day counts.”The WEF estimated Fourth Industrial Revolution the will create $100 trillion of additional value for the world economy by 2025.
“We envision that the CRI will become widely accepted by the industry and the first pilot is currently running with the Oil & Gas community,” Pipikaite said.
The next steps for increasing cyber resilience, according to the white paper, are establishing common cyber resilience performance indicators, measuring the causation and correlation within and between ecosystems, and calculating centrality to determine if and how some members carry greater weight in ecosystem resilience.
Other organizations have tackled resilience issues as well, including the Atlantic Council and the International Monetary Fund.