SlideShare una empresa de Scribd logo

Understanding cyber resilience definitions

Descargar como PPTX, PDF
A
Aaron Clark-Ginsberg

The document discusses definitions of cyber resilience from academic and industry sources. It finds that while definitions generally refer to withstanding and recovering from cyber threats, they differ in how they define the threats, who or what is resilient, and the core components of resilience. The document also analyzes the origins and practice of cyber resilience, finding it aims to manage inherent insecurity but responsibilities are unclear. It concludes that more research is needed on organizing for resilience across organizations and boundaries.

Tecnología
1 de 35
What is cyber resilience? Aaron Clark-Ginsberg Center for International Security and Cooperation, Stanford University 2017 Frontiers in Resilience Symposium This material is based upon work supported by the U.S. Department of Homeland Security. The views and conclusions contained in this material are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of the U.S. Department of Homeland Security. The author would like to thank the U.S. Department of Homeland Security for its support. Word cloud created from texts analyzed for this study
Resilience is everywhere
Is resilience “the organizing principle in contemporary political life”? (Brasset et al., 2013) • Resilience has been described as: • A useful method for managing risk in the face of complexity • A buzzword • A disastrous technique that normalizes insecurity and state withdrawal • Instead of a priori praising, damning, or dismissing resilience, we need empirically examine how resilience - like other forms of risk management - is practiced (Cutter, 2016; Douglas and Wildavsky, 1983) http://www.noladefender.com/content/dont-call-me-resilient
Case study: cyber resilience • Cybersecurity is crucial for society: • Critical infrastructure (2003 Northeast blackout, 2015/16 Ukraine blackouts) • Economy (2014 Sony hacks) • Democracy (2016/17 US, France, Germany election hacks) • …and resilience is crucial for cybersecurity (Vugrin and Turgeon, 2014) • Thus, the cyber resilience turn is potentially a major shift in how we conceptualize and govern society • Research objective: systematically review how cyber resilience is understood
Methods • Documentary and survey data: • 157 documents from Google Scholar (50) Web of Science (57) Google (50) • Semi-structured survey modified from Kelly and Kelly (2017) • Link: www.aaroncg.me/current-projects/ • Coding: origin, definitions, rationale, methods • Current progress: finalized initial analysis of documentary data, gathering survey responses
Is it cybersecurity or cyber resilience? Cyber security Cyber resilience How are cyber systems conceptualized? Siloed and static technical component of a broader system Dynamic sociotechnical processes imbedded within a system Who is responsible for managing cyber risks? IT department Everyone How do you manage cyber threats? Prevention: harden systems using new technologies Improve governance structures to align incentives Promote dynamic adaption and response Why is cyber risk management important? Failure can compromise organizations Failure can compromise organizations and societies How are risks predicted? Traditional risk assessment tools (e.g. P/I ranking)—backward Combination of historical data and trend analysis—backward and forward
Source: Clark-Ginsberg, A. (2017). Participatory risk network analysis: A tool for disaster reduction practitioners. International Journal of Disaster Risk Reduction, 21, 430-437. Cyber resilience: it’s the network
Origins of cyber resilience • Cyber resilience originated after 2010, primarily in practitioner circles: • 154 of 157 surveyed documents were written after 2010 • World Economic Forum’s 2012 Cyber Resilience Initiative • Hurricane Katrina, September 11th, Foot and Mouth Disease • Holling (1973). Minimal academic engagement (Bjorck et al., 2015) • Similar time scale to resilience in other fields including: • Sustainable development and environmental policy (Evans and Reid, 2014) • International disaster management (Hilhorst, 2003; Manyena, 2006) • Security and civil protection (Bourcart, 2015).
Definition: the ability of systems and organizations to withstand cyber events What’s in it: Who cyber resilience refers to How to determine/achieve resilience cyber resilience threats What’s in a definition?
[the ability] to recover and resume operations within acceptable levels of service
a cyber system’s ability to function properly and securely despite disruptions to that system
a holistic view of cyber risk, which looks at culture, people and processes, as well as technology
A system’s ability to withstand cyber attacks or failures and then quickly reestablish itself
ability of systems and organizations to withstand cyber events
ability to withstand and recover quickly from unknown and known threats
an organization’s ability to respond to and recover from a cybersecurity incident
Cyber resilience = cyber security + business resilience
the persistence of service delivery that can be justifiably be trusted, when facing changes and mainly regarded as fault tolerance
maintaining the system’s critical functionality by preparing for adverse events, absorbing stress, recovering the critical functionality, and adapting to future threats
the ability of a system that is dependent on cyberspace in some manner to return to its original [or desired] state after being disturbed
the ability of systems and organizations to withstand cyber events
Similarities in definitions • Focus on managing rather than preventing threats, mainly because complexity and change made prevention impossible • Traditional security measures are “failing” and “less realistic” (Symantec, 2014) than cyber resilience, an approach that goes beyond the traditional security/insecurity “binary” (World Economic Forum, 2012) • Cyber systems framed as central to organizations and to society
Differences in the threats • Cyber and non-cyber threats (24) or cyber specific threats (13) • ‘Cyber’ is foundational to cyber resilience, so generic definitions may be overly-broad • Cyber attacks and incidents (29) or cyber attacks (11) • Cyber attacks require different forms of risk management than cyber incidents (probabilistic non probabilistic) but have some commonalities. Limited definitions may be too narrow
Differences in who cyber resilience refers to • Organizations (9), systems (8), businesses (4), nation (1), business process (1), substance or object (1) mission (1), not specified (19) • Cyber resilience is multi sector and stakeholder • Identifying a sector or stakeholder provides specificity • Focus on organizations and businesses
Differences in core components required for resilience • Identify/anticipate (6), prepare (4), withstand (15), respond (4), recover (20), adapt (7) • Suggests different system views • Adaptive ecological (sociotechnical system) • Static engineering (technical system)
Cyber resilience as a sociotechnical problem • Risk and risk management is considered product of interactions between multiple stakeholders and systems • Staff as “the greatest asset” and “the greatest liability” (Symantec, 2014). Executives key • Beyond organizations: cyber breaches affect everyone, and risks must be managed jointly • Responsibility is uncertain Word tree of sentences using the phrase ‘work together’ Source: author, created with NVivo
Responsibility and cyber risk • Responsibility structures are not well established. Instead of regulations there is “an acute awareness that technological innovation and market potential should not be stifled” (de Goede, 2015) • Voluntary frameworks like NIST CSF, CERT RRM are promoted • Cyber resilience is a choice that requires executive support • Competing inter- and intra- organizational interests potentially stifle cyber resilience • Lack of regulations and changing technologies make responsibility difficult to assign • New role of the private sector and individuals in managing national security. Pragmatic necessity or governmental responsibility shirking?
Industry: technical and organizational dimensions https://www.mimecast.com/content/cyber-resilience/ From World Economic Forum 2012 ‘Risk and Responsibility in a Hyperconnected World’
Academia: primarily technically oriented • Problematic given the novel and debated organizational and institutional configurations cyber resilience presents
Organizing for cyber resilience: what works?
Analysis and conclusions • Cyber resilience conceptualizes the world as inherently insecure, and provides a new organizational orientation for managing insecurity • Cyber resilience makes managing cyber risks central to society • We lack knowledge on how to organize for cyber resilience • Some define cyber resilience from an engineering, not ecosystem, perspective
Redefining cyber resilience • Current common definition: the ability to withstand and recover from threats • Proposed common definition: the ability to anticipate, withstand, prepare for, respond to, recover from, and adapt to cyber incidents and attacks
Reorienting cyber resilience • Practice: • Engage with the adaptive elements of cyber resilience • Articulate cyber risk and resilience from a societal, not individual or organizational, risk perspective • Focus on organizing for resilience • Research: • Empirical studies on organizational and transboundary dimensions of risk management
Questions/comments? Email: aaroncg@stanford.edu Cyber resilience survey: www.aaroncg.me/current-projects/
1 [the ability] to recover and resume operations within acceptable levels of service. 2 a cyber system’s ability to function properly and securely despite disruptions to that system 3 a holistic view of cyber risk, which looks at culture, people and processes, as well as technology 4 A system’s ability to withstand cyber attacks or failures and then quickly reestablish itself 5 ability of systems and organizations to withstand cyber events 6 ability to withstand and recover quickly from unknown and known threats 7 an organization’s ability to recover and return to normal operations after a cyber attack 8 an organization’s ability to respond to and recover from a cybersecurity incident 9 the ability to provide and maintain an acceptable level of service when facing attacks and challenges to normal operation 10 Cyber resilience = cyber security + business resilience 11 the ability to operate the business processes in normal and adverse scenarios without adverse outcomes 12 identifying and responding to security breaches 13 the persistence of service delivery that can be justifiably be trusted, when facing changes and mainly regarded as fault tolerance 14 maintaining the system’s critical functionality by preparing for adverse events, absorbing stress, recovering the critical functionality, and adapting to future threats 15 withstand a major disruption because of unknown event 16 organizations capability to cope with cyber attacks 17 ‘robustness’ and ‘survivability’ measured in terms of performance and sustained availability. It also implies elements of both confidentiality and integrity 18 The ability of a nation, organization, or mission or business process to anticipate, withstand, recover from, and evolve to improve capabilities conditions, stresses, or attacks on the supporting cyber resources it needs to function 19 the ability of a substance or object to spring back into shape 20 the ability of a system that is dependent on cyberspace in some manner to return to its original [or desired] state after being disturbed 21 the ability of an organisation to understand the cyber threats it’s facing, to inform the known risks, to put in place proportionate protection, and to recover quickly from attack 22 the ability of an organization to continue to function, even though it is in a degraded manner, in the face of impediments that affect the proper operation of some of its components 23 the ability of cyber systems and cyberdependent missions to anticipate, continue to operate correctly in the face of, recover from, and evolve to better adapt to advanced cyber threats 24 the ability of systems and organizations to develop and execute long-term strategy to withstand cyber events 25 the ability of systems and organizations to withstand cyber events 26 the ability of systems to anticipate/withstand/ recover from attacks and failures 27 the ability to adapt and respond rapidly to disruptions and maintain continuity of operations 28 the ability to continuously deliver the intended outcome despite adverse cyber events 29 the ability to operate in the face of persistent attacks 30 the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions 31 the ability to prepare for and adapt to changing threat conditions while withstanding and rapidly recovering from attacks to infrastructure availability 32 the ability to prepare for and recover quickly from both known and unknown threats 33 the ability to provide and maintain an acceptable level of service in the face of faults and challenges to normal operation 34 the ability to recover from or easily adjust to misfortune or change 35 the ability to recover, returning to an original state, after some event that disrupts this state 36 the ability to withstand attacks and failures, as well as to mitigate harm more than in other domain 37 the capability of a supply chain to maintain its operational performance when faced with cyber-risk 38 the capacity to recover quickly from difficulties; toughness 39 the continuation of operations even when society faces a severe disturbance in its security environment, the capability to recover quickly from the shock, and the ability to either remount the temporarily halted functions or re- engineer them 40 the ability of an information processing system’s ability to return to some level of desired performance after a degradation of that performance 41 the alignment of prevention, detection, and response capabilities to manage, mitigate, and move on from cyberattacks. It is the capacity of an enterprise to maintain its core purpose and integrity in the face of cyberattacks

Recomendados

Understanding cyber resilience
Understanding cyber resilienceUnderstanding cyber resilience
Understanding cyber resilienceChristophe Foulon, CISSP
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber ResilienceIan-Edward Stafrace
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity frameworkShriya Rai
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
From Cybersecurity to Cyber Resilience
From Cybersecurity to Cyber ResilienceFrom Cybersecurity to Cyber Resilience
From Cybersecurity to Cyber Resilienceaccenture
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 Erick Kish, U.S. Commercial Service
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
Introduction to Cyber Resilience
Introduction to Cyber ResilienceIntroduction to Cyber Resilience
Introduction to Cyber ResiliencePeter Wood
 

Recomendados

Understanding cyber resilience
Understanding cyber resilienceUnderstanding cyber resilience
Understanding cyber resilienceChristophe Foulon, CISSP
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber ResilienceIan-Edward Stafrace
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity frameworkShriya Rai
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
From Cybersecurity to Cyber Resilience
From Cybersecurity to Cyber ResilienceFrom Cybersecurity to Cyber Resilience
From Cybersecurity to Cyber Resilienceaccenture
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 Erick Kish, U.S. Commercial Service
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
Introduction to Cyber Resilience
Introduction to Cyber ResilienceIntroduction to Cyber Resilience
Introduction to Cyber ResiliencePeter Wood
 
Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Anshu Gupta
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centersBrencil Kaimba
 
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterNIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterTuan Phan
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligenceZaiffiEhsan
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
 
Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Yokogawa1
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesSlideTeam
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...PECB
 
INCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSSylvain Martinez
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center FundamentalAmir Hossein Zargaran
 
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity AssessmentDoreen Loeber
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security GovernancePriyanka Aash
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتReZa AdineH
 
Cybersecurity Risk Management Framework Strategy Workshop
Cybersecurity Risk Management Framework Strategy WorkshopCybersecurity Risk Management Framework Strategy Workshop
Cybersecurity Risk Management Framework Strategy WorkshopLife Cycle Engineering
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controlsAlienVault
 
Cyber security and current trends
Cyber security and current trendsCyber security and current trends
Cyber security and current trendsShreedeep Rayamajhi
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionMuhammad Akbar Yasin
 
Security architecture
Security architectureSecurity architecture
Security architectureDuncan Unwin
 
Improving cyber security using biosecurity experience
Improving cyber security using biosecurity experienceImproving cyber security using biosecurity experience
Improving cyber security using biosecurity experienceNorman Johnson
 
Incident Response
Incident ResponseIncident Response
Incident ResponseMichaelRodriguesdosS1
 

Más contenido relacionado

La actualidad más candente

Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Anshu Gupta
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centersBrencil Kaimba
 
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterNIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterTuan Phan
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligenceZaiffiEhsan
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
 
Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Yokogawa1
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesSlideTeam
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...PECB
 
INCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSSylvain Martinez
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center FundamentalAmir Hossein Zargaran
 
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity AssessmentDoreen Loeber
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security GovernancePriyanka Aash
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتReZa AdineH
 
Cybersecurity Risk Management Framework Strategy Workshop
Cybersecurity Risk Management Framework Strategy WorkshopCybersecurity Risk Management Framework Strategy Workshop
Cybersecurity Risk Management Framework Strategy WorkshopLife Cycle Engineering
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controlsAlienVault
 
Cyber security and current trends
Cyber security and current trendsCyber security and current trends
Cyber security and current trendsShreedeep Rayamajhi
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionMuhammad Akbar Yasin
 
Security architecture
Security architectureSecurity architecture
Security architectureDuncan Unwin
 

La actualidad más candente (20)

Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centers
 
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterNIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
 
Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation Slides
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
 
INCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTS
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
 
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity Assessment
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
 
Cybersecurity Risk Management Framework Strategy Workshop
Cybersecurity Risk Management Framework Strategy WorkshopCybersecurity Risk Management Framework Strategy Workshop
Cybersecurity Risk Management Framework Strategy Workshop
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controls
 
Cyber security and current trends
Cyber security and current trendsCyber security and current trends
Cyber security and current trends
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - Introduction
 
Security architecture
Security architectureSecurity architecture
Security architecture
 

Similar a Understanding cyber resilience definitions

Improving cyber security using biosecurity experience
Improving cyber security using biosecurity experienceImproving cyber security using biosecurity experience
Improving cyber security using biosecurity experienceNorman Johnson
 
Strategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksStrategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksMatthew Rosenquist
 
Yours Anecdotally: Developing a Cybersecurity Problem Space
Yours Anecdotally: Developing a Cybersecurity Problem SpaceYours Anecdotally: Developing a Cybersecurity Problem Space
Yours Anecdotally: Developing a Cybersecurity Problem SpaceJack Whitsitt
 
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...juliekannai
 
Resilience Shift - overview of our programme
Resilience Shift - overview of our programmeResilience Shift - overview of our programme
Resilience Shift - overview of our programmeThe Resilience Shift
 
mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...
mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...
mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...Levi Shapiro
 
Week 1&2 intro_ v2-upload
Week 1&2 intro_ v2-uploadWeek 1&2 intro_ v2-upload
Week 1&2 intro_ v2-uploadVinoth Sn
 
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINALDefending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINALMichael Bunn
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilienceSymantec
 
Towards Quantification of Cyber Risk
Towards Quantification of Cyber RiskTowards Quantification of Cyber Risk
Towards Quantification of Cyber RiskKirstjen Nielsen
 
information security management
information security managementinformation security management
information security managementGurpreetkaur838
 
is_1_Introduction to Information Security
is_1_Introduction to Information Securityis_1_Introduction to Information Security
is_1_Introduction to Information SecuritySARJERAO Sarju
 
Biznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiBiznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiebuc
 
Cyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykCyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykEryk Budi Pratama
 
Application Threat Modeling In Risk Management
Application Threat Modeling In Risk ManagementApplication Threat Modeling In Risk Management
Application Threat Modeling In Risk ManagementMel Drews
 
CMGT400 v7Threats, Attacks, and Vulnerability Assessment Templa.docx
CMGT400 v7Threats, Attacks, and Vulnerability Assessment Templa.docxCMGT400 v7Threats, Attacks, and Vulnerability Assessment Templa.docx
CMGT400 v7Threats, Attacks, and Vulnerability Assessment Templa.docxmary772
 
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...DETER-Project
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyEnergySec
 

Similar a Understanding cyber resilience definitions (20)

Improving cyber security using biosecurity experience
Improving cyber security using biosecurity experienceImproving cyber security using biosecurity experience
Improving cyber security using biosecurity experience
 
Incident Response
Incident ResponseIncident Response
Incident Response
 
Strategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksStrategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity Risks
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
 
Yours Anecdotally: Developing a Cybersecurity Problem Space
Yours Anecdotally: Developing a Cybersecurity Problem SpaceYours Anecdotally: Developing a Cybersecurity Problem Space
Yours Anecdotally: Developing a Cybersecurity Problem Space
 
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
Preparing for a Black Swan: Planning and Programming for Risk Mitigation in E...
 
Resilience Shift - overview of our programme
Resilience Shift - overview of our programmeResilience Shift - overview of our programme
Resilience Shift - overview of our programme
 
mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...
mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...
mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...
 
Week 1&2 intro_ v2-upload
Week 1&2 intro_ v2-uploadWeek 1&2 intro_ v2-upload
Week 1&2 intro_ v2-upload
 
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINALDefending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilience
 
Towards Quantification of Cyber Risk
Towards Quantification of Cyber RiskTowards Quantification of Cyber Risk
Towards Quantification of Cyber Risk
 
information security management
information security managementinformation security management
information security management
 
is_1_Introduction to Information Security
is_1_Introduction to Information Securityis_1_Introduction to Information Security
is_1_Introduction to Information Security
 
Biznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiBiznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspekti
 
Cyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykCyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - Eryk
 
Application Threat Modeling In Risk Management
Application Threat Modeling In Risk ManagementApplication Threat Modeling In Risk Management
Application Threat Modeling In Risk Management
 
CMGT400 v7Threats, Attacks, and Vulnerability Assessment Templa.docx
CMGT400 v7Threats, Attacks, and Vulnerability Assessment Templa.docxCMGT400 v7Threats, Attacks, and Vulnerability Assessment Templa.docx
CMGT400 v7Threats, Attacks, and Vulnerability Assessment Templa.docx
 
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, Anecdotally
 

Último

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 

Último (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 

Understanding cyber resilience definitions

  • 1. What is cyber resilience? Aaron Clark-Ginsberg Center for International Security and Cooperation, Stanford University 2017 Frontiers in Resilience Symposium This material is based upon work supported by the U.S. Department of Homeland Security. The views and conclusions contained in this material are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of the U.S. Department of Homeland Security. The author would like to thank the U.S. Department of Homeland Security for its support. Word cloud created from texts analyzed for this study
  • 3. Is resilience “the organizing principle in contemporary political life”? (Brasset et al., 2013) • Resilience has been described as: • A useful method for managing risk in the face of complexity • A buzzword • A disastrous technique that normalizes insecurity and state withdrawal • Instead of a priori praising, damning, or dismissing resilience, we need empirically examine how resilience - like other forms of risk management - is practiced (Cutter, 2016; Douglas and Wildavsky, 1983) http://www.noladefender.com/content/dont-call-me-resilient
  • 4. Case study: cyber resilience • Cybersecurity is crucial for society: • Critical infrastructure (2003 Northeast blackout, 2015/16 Ukraine blackouts) • Economy (2014 Sony hacks) • Democracy (2016/17 US, France, Germany election hacks) • …and resilience is crucial for cybersecurity (Vugrin and Turgeon, 2014) • Thus, the cyber resilience turn is potentially a major shift in how we conceptualize and govern society • Research objective: systematically review how cyber resilience is understood
  • 5. Methods • Documentary and survey data: • 157 documents from Google Scholar (50) Web of Science (57) Google (50) • Semi-structured survey modified from Kelly and Kelly (2017) • Link: www.aaroncg.me/current-projects/ • Coding: origin, definitions, rationale, methods • Current progress: finalized initial analysis of documentary data, gathering survey responses
  • 6. Is it cybersecurity or cyber resilience? Cyber security Cyber resilience How are cyber systems conceptualized? Siloed and static technical component of a broader system Dynamic sociotechnical processes imbedded within a system Who is responsible for managing cyber risks? IT department Everyone How do you manage cyber threats? Prevention: harden systems using new technologies Improve governance structures to align incentives Promote dynamic adaption and response Why is cyber risk management important? Failure can compromise organizations Failure can compromise organizations and societies How are risks predicted? Traditional risk assessment tools (e.g. P/I ranking)—backward Combination of historical data and trend analysis—backward and forward
  • 7. Source: Clark-Ginsberg, A. (2017). Participatory risk network analysis: A tool for disaster reduction practitioners. International Journal of Disaster Risk Reduction, 21, 430-437. Cyber resilience: it’s the network
  • 8. Origins of cyber resilience • Cyber resilience originated after 2010, primarily in practitioner circles: • 154 of 157 surveyed documents were written after 2010 • World Economic Forum’s 2012 Cyber Resilience Initiative • Hurricane Katrina, September 11th, Foot and Mouth Disease • Holling (1973). Minimal academic engagement (Bjorck et al., 2015) • Similar time scale to resilience in other fields including: • Sustainable development and environmental policy (Evans and Reid, 2014) • International disaster management (Hilhorst, 2003; Manyena, 2006) • Security and civil protection (Bourcart, 2015).
  • 9. Definition: the ability of systems and organizations to withstand cyber events What’s in it: Who cyber resilience refers to How to determine/achieve resilience cyber resilience threats What’s in a definition?
  • 10. [the ability] to recover and resume operations within acceptable levels of service
  • 11. a cyber system’s ability to function properly and securely despite disruptions to that system
  • 12. a holistic view of cyber risk, which looks at culture, people and processes, as well as technology
  • 13. A system’s ability to withstand cyber attacks or failures and then quickly reestablish itself
  • 14. ability of systems and organizations to withstand cyber events
  • 15. ability to withstand and recover quickly from unknown and known threats
  • 16. an organization’s ability to respond to and recover from a cybersecurity incident
  • 17. Cyber resilience = cyber security + business resilience
  • 18. the persistence of service delivery that can be justifiably be trusted, when facing changes and mainly regarded as fault tolerance
  • 19. maintaining the system’s critical functionality by preparing for adverse events, absorbing stress, recovering the critical functionality, and adapting to future threats
  • 20. the ability of a system that is dependent on cyberspace in some manner to return to its original [or desired] state after being disturbed
  • 21. the ability of systems and organizations to withstand cyber events
  • 22. Similarities in definitions • Focus on managing rather than preventing threats, mainly because complexity and change made prevention impossible • Traditional security measures are “failing” and “less realistic” (Symantec, 2014) than cyber resilience, an approach that goes beyond the traditional security/insecurity “binary” (World Economic Forum, 2012) • Cyber systems framed as central to organizations and to society
  • 23. Differences in the threats • Cyber and non-cyber threats (24) or cyber specific threats (13) • ‘Cyber’ is foundational to cyber resilience, so generic definitions may be overly-broad • Cyber attacks and incidents (29) or cyber attacks (11) • Cyber attacks require different forms of risk management than cyber incidents (probabilistic non probabilistic) but have some commonalities. Limited definitions may be too narrow
  • 24. Differences in who cyber resilience refers to • Organizations (9), systems (8), businesses (4), nation (1), business process (1), substance or object (1) mission (1), not specified (19) • Cyber resilience is multi sector and stakeholder • Identifying a sector or stakeholder provides specificity • Focus on organizations and businesses
  • 25. Differences in core components required for resilience • Identify/anticipate (6), prepare (4), withstand (15), respond (4), recover (20), adapt (7) • Suggests different system views • Adaptive ecological (sociotechnical system) • Static engineering (technical system)
  • 26. Cyber resilience as a sociotechnical problem • Risk and risk management is considered product of interactions between multiple stakeholders and systems • Staff as “the greatest asset” and “the greatest liability” (Symantec, 2014). Executives key • Beyond organizations: cyber breaches affect everyone, and risks must be managed jointly • Responsibility is uncertain Word tree of sentences using the phrase ‘work together’ Source: author, created with NVivo
  • 27. Responsibility and cyber risk • Responsibility structures are not well established. Instead of regulations there is “an acute awareness that technological innovation and market potential should not be stifled” (de Goede, 2015) • Voluntary frameworks like NIST CSF, CERT RRM are promoted • Cyber resilience is a choice that requires executive support • Competing inter- and intra- organizational interests potentially stifle cyber resilience • Lack of regulations and changing technologies make responsibility difficult to assign • New role of the private sector and individuals in managing national security. Pragmatic necessity or governmental responsibility shirking?
  • 28. Industry: technical and organizational dimensions https://www.mimecast.com/content/cyber-resilience/ From World Economic Forum 2012 ‘Risk and Responsibility in a Hyperconnected World’
  • 29. Academia: primarily technically oriented • Problematic given the novel and debated organizational and institutional configurations cyber resilience presents
  • 30. Organizing for cyber resilience: what works?
  • 31. Analysis and conclusions • Cyber resilience conceptualizes the world as inherently insecure, and provides a new organizational orientation for managing insecurity • Cyber resilience makes managing cyber risks central to society • We lack knowledge on how to organize for cyber resilience • Some define cyber resilience from an engineering, not ecosystem, perspective
  • 32. Redefining cyber resilience • Current common definition: the ability to withstand and recover from threats • Proposed common definition: the ability to anticipate, withstand, prepare for, respond to, recover from, and adapt to cyber incidents and attacks
  • 33. Reorienting cyber resilience • Practice: • Engage with the adaptive elements of cyber resilience • Articulate cyber risk and resilience from a societal, not individual or organizational, risk perspective • Focus on organizing for resilience • Research: • Empirical studies on organizational and transboundary dimensions of risk management
  • 34. Questions/comments? Email: aaroncg@stanford.edu Cyber resilience survey: www.aaroncg.me/current-projects/
  • 35. 1 [the ability] to recover and resume operations within acceptable levels of service. 2 a cyber system’s ability to function properly and securely despite disruptions to that system 3 a holistic view of cyber risk, which looks at culture, people and processes, as well as technology 4 A system’s ability to withstand cyber attacks or failures and then quickly reestablish itself 5 ability of systems and organizations to withstand cyber events 6 ability to withstand and recover quickly from unknown and known threats 7 an organization’s ability to recover and return to normal operations after a cyber attack 8 an organization’s ability to respond to and recover from a cybersecurity incident 9 the ability to provide and maintain an acceptable level of service when facing attacks and challenges to normal operation 10 Cyber resilience = cyber security + business resilience 11 the ability to operate the business processes in normal and adverse scenarios without adverse outcomes 12 identifying and responding to security breaches 13 the persistence of service delivery that can be justifiably be trusted, when facing changes and mainly regarded as fault tolerance 14 maintaining the system’s critical functionality by preparing for adverse events, absorbing stress, recovering the critical functionality, and adapting to future threats 15 withstand a major disruption because of unknown event 16 organizations capability to cope with cyber attacks 17 ‘robustness’ and ‘survivability’ measured in terms of performance and sustained availability. It also implies elements of both confidentiality and integrity 18 The ability of a nation, organization, or mission or business process to anticipate, withstand, recover from, and evolve to improve capabilities conditions, stresses, or attacks on the supporting cyber resources it needs to function 19 the ability of a substance or object to spring back into shape 20 the ability of a system that is dependent on cyberspace in some manner to return to its original [or desired] state after being disturbed 21 the ability of an organisation to understand the cyber threats it’s facing, to inform the known risks, to put in place proportionate protection, and to recover quickly from attack 22 the ability of an organization to continue to function, even though it is in a degraded manner, in the face of impediments that affect the proper operation of some of its components 23 the ability of cyber systems and cyberdependent missions to anticipate, continue to operate correctly in the face of, recover from, and evolve to better adapt to advanced cyber threats 24 the ability of systems and organizations to develop and execute long-term strategy to withstand cyber events 25 the ability of systems and organizations to withstand cyber events 26 the ability of systems to anticipate/withstand/ recover from attacks and failures 27 the ability to adapt and respond rapidly to disruptions and maintain continuity of operations 28 the ability to continuously deliver the intended outcome despite adverse cyber events 29 the ability to operate in the face of persistent attacks 30 the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions 31 the ability to prepare for and adapt to changing threat conditions while withstanding and rapidly recovering from attacks to infrastructure availability 32 the ability to prepare for and recover quickly from both known and unknown threats 33 the ability to provide and maintain an acceptable level of service in the face of faults and challenges to normal operation 34 the ability to recover from or easily adjust to misfortune or change 35 the ability to recover, returning to an original state, after some event that disrupts this state 36 the ability to withstand attacks and failures, as well as to mitigate harm more than in other domain 37 the capability of a supply chain to maintain its operational performance when faced with cyber-risk 38 the capacity to recover quickly from difficulties; toughness 39 the continuation of operations even when society faces a severe disturbance in its security environment, the capability to recover quickly from the shock, and the ability to either remount the temporarily halted functions or re- engineer them 40 the ability of an information processing system’s ability to return to some level of desired performance after a degradation of that performance 41 the alignment of prevention, detection, and response capabilities to manage, mitigate, and move on from cyberattacks. It is the capacity of an enterprise to maintain its core purpose and integrity in the face of cyberattacks

Notas del editor

  1. Example definitions
  2. 41 definitions in total, some from industry, some from academia, others generic. Only 4 were used more than once, these were all used twice In some cases variation is useful because it specifies a context e.g. supply chain cyber resilience: the capability of a supply chain to maintain its operational performance when faced with cyber-risk In other cases variation was not useful, indicating a lack of clarity on subject: withstand a major disruption compared to adapt and respond rapidly to disruptions --- Similarities: --ability to manage rather than prevent risks. two reasons for cyber resilience: cyber is central and impossible to completely protect. Mainly because traditional approaches to cybersecurity are ‘failing’ and ‘not realistic’. Other reasons were given including cost/benefit considerations, but these were rare --incredible complexity means that is not possible to manage risk [inter organizational and intra organizational] --changing or dynamic threat landscape means complexity is itself evolving, impossible to predict --internet of things and cloud cited as particularly challenging risk --past is not an indicator of the future --we are inherently insecure; all we can do is manage security
  3. Definitions of cyber resilience