Cyber Resilience: A definition and 10 Important Factors to Consider

Every field of study, over time, creates its own dynamics and terms. In today’s interconnected world, where we are constantly connected 24/7, we find ourselves discussing “Cyber Resilience” in the context of cybersecurity.

In the domain of cybersecurity, resilience signifies a similar concept. When we explore what resilience means in terms of cybersecurity, we come across the following definition by The National Academy of Sciences (NAS) and the National Research Council (NRC):

The ability to prepare and plan for, absorb, recover from, and more successfully adapt to adverse events.(1)

About Resilience and Cyber Resilience Strategy as a Term

The term “Resilience” has become quite common in various domains today. Psychological resilience is one example. If I were to briefly explain the impression the word “Resilience” leaves me with, I would say this: there will always be ups and downs along the way, but what matters is to keep moving forward.

To put it in everyday terms, it’s like the possibility of falling while walking. What’s important is being prepared for it, knowing how to get up when it happens, and taking preventive measures to avoid experiencing the same thing again.

Cyber resilience strategy, cybersecurity, risk management, incident response, information security, proactive measures.The foundation of a successful cyber resilience strategy lies in implementing comprehensive cybersecurity measures. This includes proactive measures such as regular vulnerability assessments and penetration testing to identify potential weaknesses in the organization’s systems and networks. By addressing these vulnerabilities before they can be exploited by malicious actors, companies can significantly reduce their risk exposure.

Linkov and Koot’s graphic (2019)

Notional resilience profile, plotting a system’s critical functionality over time,” clearly illustrates the process related to the resilience of systems with critical functions. They mark the exact spot where our foot stumbles as “adverse event occurs.

Why Cyber Resilience?

Before moving forward to factors to enhance resilience, let’s have a look at why we need such a term. Society relies heavily on complex and interconnected cyber systems for various activities, from personal finance to national defense. These systems have greatly improved efficiency but also face a range of threats from hackers, groups, and even state actors, such as DDoS attacks, data theft, and ransomware.

Cyberattacks target individuals, corporations and even government agencies. State-based cyber threats are also a concern. Traditional risk assessment methods fall short in the cybersecurity field due to the integration of threats and vulnerabilities across interconnected systems, making it hard to predict cascading effects.

Given the rapid evolution of cyber threats and the unpredictability, a new approach is needed. Cyber resilience, which involves a system’s ability to prepare, absorb, recover, and adapt to adverse cyber effects, is crucial. This resilience allows systems to bounce back from attacks, much like biological systems develop immunity to infections. Cyber resilience encompasses a system’s properties and components that enable it to withstand and recover from cyberattacks.

10 Factors to Enhance Cyber Resilience Strategy

The resilience of a system, network, or organization is affected by various factors, which can be complex and sometimes contradictory. If our ultimate goal is to develop a system that can absorb, recover from, and adapt to adverse events, especially those related to cyber threats, here are the 10 important factors and how they can be managed or leveraged to enhance cyber resilience.

1- Manage Complexity

This involves dealing with the intricate nature of system connections and interactions. Complexity can enhance or hinder resilience depending on how it’s managed, as excessive complexity can introduce unpredictability.

2- Choose Topology

The selection of the system or network structure can significantly impact its resilience. The topology, or how components are interconnected, can make a system more or less vulnerable to various types of failures or attacks.

3- Add Resource

Enhancing resilience can be achieved by allocating additional resources to the system, such as increasing capacity, storage, or redundancy. However, this comes at a cost in terms of resource allocation and complexity.

3- Design for Reversibility

Designing components to revert to a safe mode when compromised or failed is essential for maintaining resilience. Reversibility allows the system to recover with minimal harm.

4- Control Propagation

To boost a system’s ability to absorb cyber-compromises, steps should be taken to prevent cascading failures. Reducing the likelihood of failures spreading from one component to another is crucial for resilience.

5- Provide Buffering

In data and commodity flow networks, buffering or caching is a resilience mechanism that allows for continued access to resources even when the original source is temporarily unavailable. It helps maintain performance during disruptions and to build better cyber reslience.

6- Prepare Active Agents:

Active agents, whether human or artificial, should be ready to take measures to absorb, recover, and adapt in the face of adverse events. Proper training, planning, and preparation are key for effective actions.

7- Build Agent Capabilities

Agents within the system should be versatile and capable of performing various functions depending on the context. This versatility and redundancy can enhance the system’s resilience by allowing it to adapt to perturbations.

8- Consider Adversary

Understanding the likely adversary’s capabilities, tactics, and intentions is vital for designing mechanisms and processes that can withstand adversary actions. Game-theoretic analysis and war gaming can help optimize countermeasures.

9- Conduct Analysis

Before implementing resilience-enhancing measures, a thorough analysis is necessary. This analysis should identify potential negative impacts and systemic effects to ensure that the measures do not inadvertently reduce resilience.

In the ever-evolving landscape of cybersecurity, cyber resilience serves as the beacon of adaptability and preparedness, guiding organizations and individuals to withstand and recover from the challenges of an interconnected digital world.

Source:
(1)National Research Council. 2012. Disaster Resilience: A National Imperative. Washington, DC: The National Academies Press
(2) Kott, A., & Linkov, I. (Eds.). (2019). Cyber resilience of systems and networks (pp. 381-401). New York, NY: Springer International Publishing
(3) Resilience, C., & Team, R. (2018). Cyber Resilience and Response. 2018 Public-Private Analytic Exchange Program. Documents/2018_Cyber-Resilience. Pdf
(4) Ross, R., Pillitteri, V., Graubart, R., Bodeau, D., & McQuaid, R. (2019). Developing cyber resilient systems: a systems security engineering approach (No. NIST Special Publication (SP) 800-160 Vol. 2 (Draft)). National Institute of Standards and Technology.