Browse Definitions :
Definition

cyber resilience

Contributor(s): Corinne Bernstein

Cyber resilience is the ability of a computing system to recover quickly should it experience adverse conditions. It requires continuous effort and touches on may aspects of information security (infosec), including disaster recovery (DR), business continuity (BC) and computer forensics.

Although not event-specific, cyber resilience is built up over time and refers to the preparations an organization makes to deal with threats and vulnerabilities, the defenses that have been developed, and the resources that are available for mitigating a security failure after the fact. Cyber resilience capabilities are essential in IT systems, critical infrastructure, business processes, organizations, societies and nation-states.

Presidential Policy Directive PPD-21, which former President Barack Obama issued in 2013 to update earlier directives, defines "resilience" as the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions. Examples include developing a business continuity plan, having a backup power generator and using more durable building materials.

Cyber resilience should not be considered synonymous with recovery, but rather with the ability of an enterprise to limit the effects of security incidents and continuously deliver the intended outcome despite a system failure or cyber attack. The concept includes the ability to restore regular delivery mechanisms after such events -- as well as the ability to modify these delivery mechanisms continuously in the face of new risks. 

For strategic planning, a key element of cyber-resilience is a deep understanding of risk – which means going beyond IT planning to make limiting risk exposure an integral part of the strategy. To capitalize on the paradigm shift from cybersecurity to cyber resilience, businesses should focus their resources on the cyber risks that are likely to have the biggest impacts and hone in on the metrics that provide insight into and help predict them.

Business and government leaders should focus on resilience to avoid the catastrophic failure threatened by an all-or-nothing approach to cyber risks (i.e., preventing network entry as the only plan). Additionally, addressing resilience extends beyond information technology or information security. To ensure greater efficiency and effectiveness, technology and strategic leaders should be involved in an overall cyber resilience approach as a key part of their long-term strategy, including outlining which technologies a business will implement in the next five, 10 or more years.

This was last updated in February 2018

Continue Reading About cyber resilience

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

How does your organization practice cyber resiliency?
Cancel

SearchCompliance

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

SearchSecurity

SearchHealthIT

SearchDisasterRecovery

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

  • cloud disaster recovery (cloud DR)

    Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other ...

SearchStorage

Close