Until recently, if it has been considered at all in the context of business continuity, cyber security may have been thought of in terms of disaster recovery and little else. Recent events have shown that cyber-attacks are now an everyday occurrence, and it is becoming clear that the impact of these can have devastating effects on organizations whether large or small, public or private sector. Cyber security is one aspect of information security, since the impacts or consequences of a cyber-attack will inevitably damage one or more of the three pillars of information security: the confidentiality, integrity or availability of an organization's information assets. The main difference between information security and cyber security is that while information security deals with all types of information assets, cyber security deals purely with those which are accessible by means of interconnected electronic networks, including the Internet. Many responsible organizations now have robust information security, business continuity and disaster recovery programs in place, and it is not the intention of this book to re-write those, but to inform organizations about the kind of precautions they should take to stave off successful cyber-attacks and how they should deal with them when they arise in order to protect the day-to-day businesses.

David Sutton's career in IT spans nearly 55 years and includes voice and data networking, information security and critical information infrastructure protection. He is a Chartered Fellow of BCS, a member of the Chartered Institute for Information Security (CIISec) and a Freeman of the Worshipful Company of Information Technologists (WCIT).