Cyber resilience
See also resilience
- Snippet from Wikipedia: Cyber resilience
Cyber resilience refers to an entity's ability to continuously deliver the intended outcome, despite cyber attacks. Resilience to cyber attacks is essential to IT systems, critical infrastructure, business processes, organizations, societies, and nation-states. A related term is cyberworthiness, which is an assessment of the resilience of a system from cyber attacks. It can be applied to a range of software and hardware elements (such as standalone software, code deployed on an internet site, the browser itself, military mission systems, commercial equipment, or IoT devices).
Adverse cyber events are those that negatively impact the availability, integrity, or confidentiality of networked IT systems and associated information and services. These events may be intentional (e.g. cyber attack) or unintentional (e.g. failed software update) and caused by humans, nature, or a combination thereof.
Unlike cyber security, which is designed to protect systems, networks and data from cyber crimes, cyber resilience is designed to prevent systems and networks from being derailed in the event that security is compromised. Cyber security is effective without compromising the usability of systems and there is a robust continuity business plan to resume operations, if the cyber attack is successful.
Cyber resilience helps businesses to recognize that hackers have the advantage of innovative tools, element of surprise, target and can be successful in their attempt. This concept helps business to prepare, prevent, respond and successfully recover to the intended secure state. This is a cultural shift as the organization sees security as a full-time job and embedded security best practices in day-to-day operations. In comparison to cyber security, cyber resilience requires the business to think differently and be more agile on handling attacks.
The objective of cyber resilience is to maintain the entity's ability to deliver the intended outcome continuously at all times. This means doing so even when regular delivery mechanisms have failed, such as during a crisis or after a security breach. The concept also includes the ability to restore or recover regular delivery mechanisms after such events, as well as the ability to continuously change or modify these delivery mechanisms, if needed in the face of new risks. Backups and disaster recovery operations are part of the process of restoring delivery mechanisms.