The need to establish a robust data security strategy is more important than ever, punctuated by ever-present news headlines about cyber-hacking and data breaches, in which the private information of thousands of people—or even millions—is compromised.

And it’s not just big banks and governments that must be vigilant about protecting private information. The not-for-profit sector needs protocols in place as well.

With that in mind, Ronald McDonald House Charities (RMHC) Toronto recently turned to Kyndryl to conduct a cyber-resilience audit, with aims to enhance protection of the private information of families who use its services, as well as the thousands of donors who support it.

“They did a comprehensive assessment—from risk management and policies at the governance level to the day-to-day work,” says Kenneth Wong, director of finance and IT lead at RMHC Toronto. “We needed to update and clarify our cyber-risk framework, which includes third-party risk management and a clear incident response and recovery plan.”

We are committed to the health and continuous improvement of the vital systems at the heart of the digital economy.

Xerxes Cooper, President, Kyndryl Canada

Kyndryl approaches cyber resilience with future-forward innovation. It has a 3,000-strong patent portfolio in areas such as multi-cloud management, orchestration, integrated monitoring and issue triage and resolution. With deep insight into the challenges IT leaders are facing today, Kyndryl helps leaders understand and protect against the rise of cyberattacks and build a security and resiliency infrastructure for the future.  

“We are committed to the health and continuous improvement of the vital systems at the heart of the digital economy,” says Xerxes Cooper, president, Kyndryl Canada. “In RMHC Toronto’s case, we partnered with them to adapt best practices of our large commercial clients to their unique needs as a not-for-profit. They have information about families and donors that need to be protected with a robust cyber-security framework.”

Wong says Kyndryl provided a road map and ranked the action items in terms of urgency, ease of implementation and resources required.

“Our first step is using the findings from the cyber-resiliency assessment to have discussions at each level of the organization—governance, management, day-to-day—to begin implementation of the action items that will move us closer to cyber-maturity,” says Wong.

The Growing Importance of Cyber Resilience
Today it is no longer a question of whether cyber attackers will breach our defenses, but when they will break through and how much damage they will do. Hackers only need to be skilled (or lucky) enough to break through just once; the public and private sector would need to fend off 100 per cent of the constant attacks to remain safe—that’s a hopeless proposition. It's time to embrace a comprehensive strategy for cyber resilience—not just cyber security. Cyber resilience means anticipating, protecting against, withstanding, and recovering from attacks on cyber-enabled services. It goes beyond conventional cyber security and emphasizes business continuity and recovery, because eventually, attackers will penetrate our defences no matter how good those defences are.