Browse Definitions :
Definition

cyber resilience

Cyber resilience is the ability of a computing system to recover quickly should it experience adverse conditions. It requires continuous effort and touches on may aspects of information security (infosec), including disaster recovery (DR), business continuity (BC) and computer forensics.

Although not event-specific, cyber resilience is built up over time and refers to the preparations an organization makes to deal with threats and vulnerabilities, the defenses that have been developed, and the resources that are available for mitigating a security failure after the fact. Cyber resilience capabilities are essential in IT systems, critical infrastructure, business processes, organizations, societies and nation-states.

Presidential Policy Directive PPD-21, which former President Barack Obama issued in 2013 to update earlier directives, defines "resilience" as the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions. Examples include developing a business continuity plan, having a backup power generator and using more durable building materials.

Cyber resilience should not be considered synonymous with recovery, but rather with the ability of an enterprise to limit the effects of security incidents and continuously deliver the intended outcome despite a system failure or cyber attack. The concept includes the ability to restore regular delivery mechanisms after such events -- as well as the ability to modify these delivery mechanisms continuously in the face of new risks. 

For strategic planning, a key element of cyber-resilience is a deep understanding of risk – which means going beyond IT planning to make limiting risk exposure an integral part of the strategy. To capitalize on the Paradigm shift from cybersecurity to cyber resilience, businesses should focus their resources on the cyber risks that are likely to have the biggest impacts and hone in on the metrics that provide insight into and help predict them.

Business and government leaders should focus on resilience to avoid the catastrophic failure threatened by an all-or-nothing approach to cyber risks (i.e., preventing network entry as the only plan). Additionally, addressing resilience extends beyond information technology or information security. To ensure greater efficiency and effectiveness, technology and strategic leaders should be involved in an overall cyber resilience approach as a key part of their long-term strategy, including outlining which technologies a business will implement in the next five, 10 or more years.

This was last updated in February 2018

Continue Reading About cyber resilience

Networking
  • remote infrastructure management

    Remote infrastructure management, or RIM, is a comprehensive approach to handling and overseeing an organization's IT ...

  • port address translation (PAT)

    Port address translation (PAT) is a type of network address translation (NAT) that maps a network's private internal IPv4 ...

  • network fabric

    'Network fabric' is a general term used to describe underlying data network infrastructure as a whole.

Security
CIO
  • business goals

    A business goal is an endpoint, accomplishment or target an organization wants to achieve in the short term or long term.

  • vertical SaaS (software as a service)

    Vertical SaaS describes a type of software as a service solution created for a specific industry, such as retail, financial ...

  • business process mapping

    Business process mapping is the visual display of the steps within a business process showing how it's done from start to finish.

HRSoftware
  • employee onboarding and offboarding

    Employee onboarding involves all the steps needed to get a new employee successfully deployed and productive, while offboarding ...

  • skill-based learning

    Skill-based learning develops students through hands-on practice and real-world application.

  • gamification

    Gamification is a strategy that integrates entertaining and immersive gaming elements into nongame contexts to enhance engagement...

Customer Experience
  • Microsoft Dynamics 365

    Dynamics 365 is a cloud-based portfolio of business applications from Microsoft that are designed to help organizations improve ...

  • Salesforce Commerce Cloud

    Salesforce Commerce Cloud is a cloud-based suite of products that enable e-commerce businesses to set up e-commerce sites, drive ...

  • Salesforce DX

    Salesforce DX, or SFDX, is a set of software development tools that lets developers build, test and ship many kinds of ...

Close