Cyber resilience matters as much as cyber defence
Summary
The NCSC argues that planning and rehearsing recovery is as vital as building strong defences. Recent disruptions to UK retailers and manufacturers show why medium and large organisations must prepare not only to prevent attacks but also to keep services running and recover quickly when incidents occur. The blog outlines practical steps: implement Cyber Essentials, use the Cyber Assessment Framework for complex organisations, map critical systems, run business impact assessments and exercises, and share lessons across sectors.
Content summary
Jonathon Ellison explains that resilience is a continuous process and provides concrete recommendations:
– Start with the five Cyber Essentials controls (such as patching, access management and boundary defences).
– Use the Cyber Assessment Framework (CAF) to identify and protect critical services for larger organisations.
– Plan recovery by knowing your IT estate, running business impact assessments, defining roles and communications, and rehearsing with table-top exercises.
– Collaborate via sector trust groups and share incident lessons to raise the community’s resilience.
– Ensure boards and CEOs actively oversee cyber resilience using NCSC guidance on governance.
Key Points
- Prevention and recovery are equally important: organisations must prepare to operate and recover when defences fail.
- Cyber Essentials provides a baseline of five controls to reduce common threats (patching, access controls, boundary defences, etc.).
- The Cyber Assessment Framework helps larger organisations identify critical services, manage risk and plan recovery.
- Practical recovery steps include asset identification, business impact assessments, defined roles/communications and table-top exercises.
- Sharing lessons across sectors and participating in trust groups strengthens overall resilience; openness about incidents is crucial.
- Board-level oversight is essential — leaders must embed cyber risk into decision-making and resilience planning.
Context and relevance
This guidance is timely given recent supply-chain and service disruptions in the UK. It links established NCSC programmes (Cyber Essentials, CAF, Respond & Recover guidance) into a coherent approach for medium and large organisations. For security teams and executives it shifts the emphasis from purely stopping attacks to also ensuring continuity and rapid recovery — a key trend as attackers become more persistent and disruptive.
Why should I read this?
Look — if you run or advise an organisation that people or businesses rely on, this is worth five minutes. It tells you exactly what to put in place and why rehearsing recovery matters as much as locking the doors. Saves you scrambling when something inevitably goes wrong.
Author
Punchy: Jonathon Ellison (NCSC Director of National Resilience) makes a clear, no-nonsense case that resilience is not optional. If your organisation’s continuity matters to customers or partners, his recommendations are essential reading — they explain what to do now, and why senior leaders must own it.
Source
Source: https://www.ncsc.gov.uk/blog-post/why-resilience-matters-as-much-as-defence
Next steps (recommended)
Read NCSC guidance linked in the article: Cyber Essentials, the Cyber Assessment Framework and the Respond & Recover guidance for medium and large organisations. Start with an asset map and a table-top exercise this quarter.