
Sign up to save your podcasts
Or
In Episode 85 of TheCyber5, we are joined by Chief Technologist of Transformative Cyber Innovation Lab for the Foundation for Defense of Democracies (FDD) Dr. George Shea.
Here are four topics we discuss in this episode:
The Operational Resiliency Framework (ORF) is a framework that is intended to be used by executives to ensure business continuity processes when their suppliers are knocked offline during natural disasters and cyber attacks.
Step one, and the most important step, is defining a minimum level of service for all products and services. When disasters or cyber attacks occur, the minimum viable service will reveal the critical suppliers that need extra attention from a redundancy and monitoring perspective.
The ORF is not a compliance requirement nor will this framework stop a cyber attack. However, this framework is designed to help organizations respond when an attack has taken place and is ongoing. For example, if an attacker is already within the system, it’s important to keep valuable services running and ensure the suppliers that enable those critical services don’t go down. This framework goes beyond your perimeter to the suppliers and customers.
While this is not a cyber security framework, technical controls and configurations on the suppliers is an important part of the process for minimum viable services to be up and running.
5
2323 ratings
In Episode 85 of TheCyber5, we are joined by Chief Technologist of Transformative Cyber Innovation Lab for the Foundation for Defense of Democracies (FDD) Dr. George Shea.
Here are four topics we discuss in this episode:
The Operational Resiliency Framework (ORF) is a framework that is intended to be used by executives to ensure business continuity processes when their suppliers are knocked offline during natural disasters and cyber attacks.
Step one, and the most important step, is defining a minimum level of service for all products and services. When disasters or cyber attacks occur, the minimum viable service will reveal the critical suppliers that need extra attention from a redundancy and monitoring perspective.
The ORF is not a compliance requirement nor will this framework stop a cyber attack. However, this framework is designed to help organizations respond when an attack has taken place and is ongoing. For example, if an attacker is already within the system, it’s important to keep valuable services running and ensure the suppliers that enable those critical services don’t go down. This framework goes beyond your perimeter to the suppliers and customers.
While this is not a cyber security framework, technical controls and configurations on the suppliers is an important part of the process for minimum viable services to be up and running.