Introduction: This master thesis explores the concept of cyber resilience and aims at identifying cyber resilience enhancing measures relevant to a complex organisation. Cyber security is a highly relevant field as the world gets more digitalised, and evaluating sufficient cyber protective measures is essential. Cyber Resilience can be seen as an extension of Risk Management and Cyber Security by providing a necessary layer of protection the fields currently lack; to continue operations and functions despite a threat.
Methods: Semi-structured interviews with practitioners, senior management and expert informants were conducted, and relevant cyber-resilient frameworks were analysed to identify cyber-resilient enhancing measures.
Results: The analysis showed that cyber resilience enhancing measures for complex organisations originate from understanding the construct, and adding it to existing structures is beneficial. However, for this to be effective, there must be a clear definition, directives and standards from which complex organisations can build a resilience understanding. The main findings include fostering a resilient mindset through adaptability, trust and flexibility, aligning to working with the complexity of such an organisation
