The meaning of this term, which we find codified in Directive 21 of the US President, by the European legislator in the NIS Directive, and in the Gentiloni decree, is the ability of a network or system to preserve its information and functions intact even after a successful cyber attack.
After evaluating the risk of a data breach and the related penalty in the EU (4% of the annual worldwide turnover), decision makers must run for cover and apply defense in depth, which is composed of three elements:
- employees: bringing them to a level of awareness appropriate to the dangers to be avoided, so that they can also watch over perimeter protection,
- technology: we need to equip our IT infrastructures with cutting-edge anti-intrusion technology: IDS/IPS, filtering of outgoing and incoming traffic (with routers, switches and firewalls and their related access control lists), honeypots to divert attacks onto bait systems, TCP reset, detection of 0x90/polymorphic shellcode, antivirus, and cryptography,
- operating modes: such as software patching, OS and firmware updates and upgrades, penetration tests, and BC/DR, all of which are periodic and repetitive activities, together with adopting privacy by design and by default.
In our case it becomes very important to have a backup of the laptop hard disk, or of the main files stored on it.