Cyber Resiliency

Cyber Resiliency is the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on cyber resources.^[1] In essence, it is the effectiveness of an entity's cybersecurity. Cyber resiliency differs from Cybersecurity in that it emphasizes the need to minimize mission impacts rather than the need to minimize losses of information, information systems, or other assets. Cyber resiliency differs from other concerns of resilience in that it focused on adversarial disruptions.^[2]

Metrics

There are two different approaches to measuring cybersecurity effectiveness: Dashboards and benchmarking.

Dashboards

Dashboards visualize and make assessable metrics quantified in terms of cost, risk level, and time. Key Performance Indicators (KPIs):^[3]

1. Mean-Time-to-Detect and Mean-Time-to-Respond
2. Number of systems with known vulnerabilities
3. Number of incorrectly configured SSL certificates
4. Volume of data transferred using the corporate network
5. Number of users with “super user” access level
6. Number of days to deactivate former employee credentials
7. Number of communication ports open during a period of time
8. Frequency of review of third party accesses
9. Frequency of third-party accesses to critical enterprise systems
10. Percentage of business partners with effective cybersecurity policies

Benchmarking

Benchmarking refers to the gathering of data from similar organizations for comparison with one's own organization’s cybersecurity measures.^[4]

Challenges

References