Cyber Resiliency
| 1. Cyber Resiliency refers to an organisation's ability to continuously deliver the intended outcome even under adverse cyber incidents.
Notes (1): Cyber Resiliency is a concept that brings the areas of information security, business continuity and organizational resilience together. 
|
2. Cyber resilience represents a different and useful way of thinking about protecting data and information systems. Rather than focusing only on preventing attacks or intrusions, cyber resilience also attempts to mitigate the consequences of such incidents. As attacks on data and information systems increase – and become increasingly malicious – the concept of cyber resilience can help organizations of all types and sizes do a better job of minimizing the damage caused by these attacks.
Source: (Del Giudice, 2016)
3. We define resilience to be the organizational capability to sense, resist and react to disruptive cyber events, and to recover from them in a timely fashion.
Source: (Ayoub, M. Firth, & Nayaz, 2017)
4. Cyber Resilience is about the management—not the elimination—of risk. It recognises that security needs to go beyond systems, software or IT departments. Cyber Resilience puts the power in the hands of people, and arms them with the ability to recognise risks, draw on the collective intelligence of others, and take preventive or corrective action.
Source: (Symantec, 2017)
5. Cyber resiliency is the ability to operate the business processes in normal and adverse scenarios without adverse outcomes. Specifically, resiliency strengthens the firm’s ability to identify, prevent, detect and respond to process or technology failures and recover, while reducing customer harm, reputational damage and financial loss.
Source: (Accenture, 2015)