Cyber resilience and cyber security may sound similar, but there’s a difference.
Think of cyber security as the all-around approach to safeguarding your system and cyber resilience as the ability to anticipate and respond to threats if they do enter your system.
The threats can be hackers or just an inadvertent mistake, but the resilience helps your system bounce back and keep operating or resume operating as soon as possible.
Rather than let a hacker cost a company millions of dollars, leaders can use resilience to minimize or avoid losses and to keep the business system working.
Components
Cyber resilience includes ways to prepare, avert, respond and adapt to adverse impacts on your IT and related systems.
The best approach is to establish alternate methods to keep operating while working to repair a damaged or inoperative system.
The National Institute of Standards and Technology, for example, outlines more than a dozen steps a firm can take to help it cope with an adverse incident.
Among the steps:
- Watch for signs of a pending adverse incident.
- Respond quickly.
- Install multiple obstacles to deter intruders.
- Hide key assets from hackers, diversify the system and restrict access.
- Change processes “randomly and unexpectedly” to thwart unwanted intruders.
In my experience, cyber resilience works best if a company is aggressive, energetic and innovative in protecting its system.