Browse Definitions :
Definition

cyber resilience

Corinne Bernstein
By

Cyber resilience is the ability of a computing system to recover quickly should it experience adverse conditions. It requires continuous effort and touches on may aspects of information security (infosec), including disaster recovery (DR), business continuity (BC) and computer forensics.

Although not event-specific, cyber resilience is built up over time and refers to the preparations an organization makes to deal with threats and vulnerabilities, the defenses that have been developed, and the resources that are available for mitigating a security failure after the fact. Cyber resilience capabilities are essential in IT systems, critical infrastructure, business processes, organizations, societies and nation-states.

Presidential Policy Directive PPD-21, which former President Barack Obama issued in 2013 to update earlier directives, defines "resilience" as the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions. Examples include developing a business continuity plan, having a backup power generator and using more durable building materials.

Cyber resilience should not be considered synonymous with recovery, but rather with the ability of an enterprise to limit the effects of security incidents and continuously deliver the intended outcome despite a system failure or cyber attack. The concept includes the ability to restore regular delivery mechanisms after such events -- as well as the ability to modify these delivery mechanisms continuously in the face of new risks. 

For strategic planning, a key element of cyber-resilience is a deep understanding of risk – which means going beyond IT planning to make limiting risk exposure an integral part of the strategy. To capitalize on the Paradigm shift from cybersecurity to cyber resilience, businesses should focus their resources on the cyber risks that are likely to have the biggest impacts and hone in on the metrics that provide insight into and help predict them.

Business and government leaders should focus on resilience to avoid the catastrophic failure threatened by an all-or-nothing approach to cyber risks (i.e., preventing network entry as the only plan). Additionally, addressing resilience extends beyond information technology or information security. To ensure greater efficiency and effectiveness, technology and strategic leaders should be involved in an overall cyber resilience approach as a key part of their long-term strategy, including outlining which technologies a business will implement in the next five, 10 or more years.

This was last updated in February 2018

Continue Reading About cyber resilience

Networking
  • voice over LTE (VoLTE)

    Voice over LTE (VoLTE) is a digital packet technology that uses 4G LTE networks to route voice traffic and transmit data.

  • ONOS (Open Network Operating System)

    Open Network Operating System (ONOS) is an OS designed to help network service providers build carrier-grade software-defined ...

  • telematics

    Telematics is a term that combines the words telecommunications and informatics to describe the use of communications and IT to ...

Security
  • three-factor authentication (3FA)

    Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication ...

  • cyber espionage

    Cyber espionage (cyberespionage) is a type of cyber attack that malicious hackers carry out against a business or government ...

  • role-based access control (RBAC)

    Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an ...

CIO
  • project charter

    A project charter is a formal short document that states a project exists and provides project managers with written authority to...

  • leadership

    Leadership is the ability of an individual or a group of people to influence and guide followers or members of an organization, ...

  • transaction

    In computing, a transaction is a set of related tasks treated as a single action.

HRSoftware
  • employee engagement

    Employee engagement is the emotional and professional connection an employee feels toward their organization, colleagues and work.

  • talent pool

    A talent pool is a database of job candidates who have the potential to meet an organization's immediate and long-term needs.

  • diversity, equity and inclusion (DEI)

    Diversity, equity and inclusion is a term used to describe policies and programs that promote the representation and ...

Customer Experience
  • sales development representative (SDR)

    A sales development representative (SDR) is an individual who focuses on prospecting, moving and qualifying leads through the ...

  • service level indicator

    A service level indicator (SLI) is a metric that indicates what measure of performance a customer is receiving at a given time.

  • customer data platform (CDP)

    A customer data platform (CDP) is a type of software application that provides a unified platform of customer information that ...

Close