New AXELOS certifications aimed at increasing cyber resilience
AXELOS was founded in 2013 as a joint-venture company between the United Kingdom government and professional services company Capita to promote and grow the Global Best Practice portfolio, including ITIL®, PRINCE2®, and the other PPM products.
On June 1, 2015, in Washington, D.C., AXELOS announced the release of RESILIA™, their new Cyber Resilience Best Practice portfolio. According to an AXELOS media release, RESILIA is a “portfolio of publications, training and awareness tools designed to help any organization define what good cyber resilience looks like and embed best practice into existing management systems.”
Data breaches are happening 24 hours a day, and costing global business billions to defend against and clean up after — an estimated $455 billion (U.S.) annually. According to a new study by Juniper Research, this amount is expected to climb to $2.1 trillion (U.S.) by 2019.
In a statement to media, AXELOS CEO Peter Hepworth said: “Cyber-crime is increasingly recognized as one of the most serious risks to a strong global economy, market reputations and to national security. RESILIA provides pragmatic advice, equipping people with the knowledge and confidence to act on cyber security risks, helping organizations maintain reputation, customer confidence and operational stability in the face of increasing cyber threat.”
RESILIA is a portfolio of training, learning and certification designed to build and implement cyber resilience throughout an organization, from the boardroom to the mailroom. RESILIA will enable organizations to clearly evaluate resilience to cyber threats — not just detection and prevention, but response and recovery, in order to “maintain reputation, customer confidence and operational stability.” This is accomplished by teaching and maintaining cyber resilient behaviors and practices throughout the organization.
People are typically the most vulnerable link in an organization’s cyber-defenses, with employees too often opening phishing emails and/or visiting infected sites. Fortunately, people are also a powerful force in safeguarding organizational data and customer information. Protecting against data breaches “is a people process with multiple stake-holders across the organization,” said Nick Wilding, Head of Cyber Resilience at AXELOS. “It has to be a collaborative effort, starting from the top, with board members setting the tone, and to the lowest levels.”
RESILIA is the latest addition to the AXELOS best practice portfolio. The RESILIA best practice is based on and aligned with proven ITIL (IT Service Management best practice) and uses a common lifecycle approach so that it can be easily integrated into existing ITIL management systems. The RESILIA best practice portfolio is underpinned by the Best Practice guidance that “illustrates what good cyber resilience looks like” and provides practical guidance on strategy and implementation.
All organizations are at risk from attack — large and small, public or private sector, local or global. The large majority of cyber-attacks succeed because of the unwitting actions of a member of staff. Security and IT teams can no longer protect the organizations on their own, and need to rely on all staff to recognize their part in maintaining the operational health of an organization by having the awareness, skills and confidence to apply new cyber-resilient behaviors “People have to sit at the heart of any successful strategy,” said Wilding. “Everyone has a role to play in defending data breaches. We are all on the front-line.”
There are two levels of certification in RESILIA: Foundation and Practitioner.
The Foundation Level certification teaches IT professionals to understand the impact operational decisions have on their organization’s cyber resilience along with the value of developing an organizational culture of cyber resilience. There are no prerequisites to sit for this exam. Candidates can attend official trainer provider classes for a three-day/20 hour course of instruction, or do distance learning on their own, and then sit for the exam.
The Practitioner Level certification consists of earning the Foundation Level cert, plus an additional two-day/15 hour mandatory course of instruction. Practitioner certified individuals possess the skills needed to “balance risk, cost, operational benefits and flexibility” within the organization.
Presently, only the Foundation Level exam, and study materials are available from AXELOS accredited training organizations. It is anticipated that the Practitioner exam will be available sometime in July, 2015.