The Cyber Resilience Compass 2025

Page 15 of 26 · WEF_The_Cyber_Resilience_Compass_2025.pdf

← Prev Next → Download original PDF
Identifying ‘crown jewels’ is challenging because priorities can shift quickly. What is considered low priority today may become critical tomorrow, depending on evolving circumstances and business needs. Paulo Moniz, Head, CyberSecurity and Information Technology Risk, EDP – Energias de Portugal UBS recognizes the industry-wide challenge of retaining operational resilience in the face of a dynamic cyberthreat environment and prioritizes the rapid recovery of critical business services following cyber incidents, including third-party outages. This reduces potential harm to clients, business operations and other market participants and minimizes downtime. The firm plans for severe scenarios, assuming critical services could be unavailable for an extended period. This assumption guides contingency planning, which focuses on: –Workaround development: Collaborating with business units, the firm creates procedures to operate without impacted elements, prioritizing key processes to minimize impact. –Data storage and access: UBS utilizes air-gapped vaulting solutions for storing critical applications and data in an immutable format, ensuring heightened security and expedited retrieval to recover key processes in the event of a cyberattack. –Communication and coordination: The company has mature crisis management protocols providing clear communication channels between leadership, IT, business units and clients, ensuring fast and effective decision-making during an incident. –Third-party risks: UBS assumes third-party services might take longer to recover or reconnection may be prolonged, and therefore focuses on developing effective and sustainable workarounds to mitigate those risks. By focusing on workarounds and strengthening resilience, UBS can continue operations with minimal impact following a cyber incident but also enhances overall agility, improves crisis response efficiency and builds greater confidence among clients and stakeholders.CASE STUDY 7 UBS – Building cyber resilient business processes The Cyber Resilience Compass: Journeys Towards Resilience 15
Ask AI what this page says about a topic: