AXELOS, the joint venture company created by the Cabinet Office, announced back in June that it planned to develop its resilience portfolio, including development of a cyber-resistance maturity assessment tool. The standards are set to use ITIL as the underpinning framework, largely due to its success over the last 25 years. The portfolio was set to be rolled out across the US and UK towards the end of 2014, and with the recent attack on Sony Entertainment, and the announcement of a Cybersecurity Unit being set up by the Department of Justice (DOJ), we will likely see these guidelines thrust into the limelight as the DOJ attempts to prevent future attacks.
Nick Wilding, head of cyber resilience best practice at AXELOS, said, “At the end of the day we are all about global best practice. We are looking to launch at the end of this year, with the primary launch market likely to be US and UK. We believe in using ITIL – which is 25 years old this year – as the underpinning framework and language for a cyber-resilience portfolio. It is fair to say we’re creating a cyber-resilience equivalent to ITIL. We’re also using the latest serious gaming techniques to embed within the training programme, developing in house simulations.”
Over in the US, the release of the Cybersecurity Framework by NIST is helping drive forward AXELOS’s plans. The framework was created to help improve critical infrastructure cybersecurity, with President Obama stating, “[i]t is the Policy of the United States to enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber-environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties.”. It enables organisations of all sizes to apply principles and best practices in order to increase their cyber-security.
You can view the full framework here.
In further news, the co-founder of OBASHI, Fergus Cloughley, talks with fellow co-creator Paul Wallis and Claire Agutter about the NIST announcement in the below video, including how they can utilise OBASHI to track data flow, which is a requirement from the US NIST announcement. You can get more information on OBASHI and the courses we offer here.