Entry: Cyber resilience
Definition

Cyber resilience refers to an entity's ability to continuously deliver the intended outcome despite adverse cyber events.[1]

Cyber resilience is an evolving perspective that is rapidly gaining recognition. The concept essentially brings the areas of information security, business continuity and (organizational) resilience together.

Entities with a potential need for cyber resilience abilities include, but are not limited to, IT systems, critical infrastructure, business processes, organizations, societies and nation-states. Adverse cyber events are those that negatively impact the availability, integrity or confidentiality of networked IT systems and associated information and services. These events may be intentional (e.g. a cyber attack) or unintentional (e.g. a failed software update), and may be caused by humans, by nature, or by a combination thereof.

The objective of cyber resilience is to maintain the entity's ability to deliver the intended outcome continuously at all times, even when regular delivery mechanisms have failed, such as during a crisis and after a security breach. The concept also includes the ability to restore regular delivery mechanisms after such events, as well as the ability to continuously change or modify these delivery mechanisms if needed in the face of new risks. Backups and disaster recovery operations are part of the process of restoring delivery mechanisms.

Frameworks

Resilience, as defined by Presidential Policy Directive PPD-21, is the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions.[2] Cyber resilience focuses on the preventative, detective, and reactive controls in an information technology environment to assess gaps and drive enhancements to the overall security posture of the entity. The Cyber Resilience Review (CRR) is one framework for the assessment of an entity's resiliency created by the Department of Homeland Security. Another framework created by Symantec is based on 5 pillars: Prepare/Identify, Protect, Detect, Respond, and Recover.[3]

The National Institute of Standards and Technology's Special Publication 800-160 Volume 2[4] offers a framework for engineering secure and reliable systems, treating adverse cyber events as both resiliency and security issues. In particular, SP 800-160 identifies fourteen techniques that can be used to improve resiliency:

Cyber Resiliency Techniques[5]

Technique | Purpose
Adaptive Response | Optimize the ability to respond in a timely and appropriate manner.
Analytic Monitoring | Monitor and detect adverse actions and conditions in a timely and actionable manner.
Coordinated Protection | Implement a defense-in-depth strategy, so that adversaries have to overcome multiple obstacles.
Deception | Mislead, confuse, hide critical assets from, or expose covertly tainted assets to, the adversary.
Diversity | Use heterogeneity to minimize common mode failures, particularly attacks exploiting common vulnerabilities.
Dynamic Positioning | Increase the ability to rapidly recover from a non-adversarial incident (e.g., acts of nature) by distributing and diversifying the network distribution.
Dynamic Representation | Keep representation of the network current. Enhance understanding of dependencies among cyber and non-cyber resources. Reveal patterns or trends in adversary behavior.
Non-Persistence | Generate and retain resources as needed or for a limited time. Reduce exposure to corruption, modification, or compromise.
Privilege Restriction | Restrict privileges based on attributes of users and system elements as well as on environmental factors.
Realignment | Minimize the connections between mission-critical and noncritical services, thus reducing the likelihood that a failure of noncritical services will impact mission-critical services.
Redundancy | Provide multiple protected instances of critical resources.
Segmentation | Define and separate system elements based on criticality and trustworthiness.
Substantiated Integrity | Ascertain whether critical system elements have been corrupted.
Unpredictability | Make changes randomly and unexpectedly. Increase an adversary’s uncertainty regarding the system protections which they may encounter, thus making it more difficult for them to ascertain the appropriate course of action.

Difference from cyber security

Cyber security consists of technologies, processes and measures that are designed to protect systems, networks and data from cyber crimes. Effective cyber security reduces the risk of a cyber attack and protects entities, organisations and individuals from the deliberate exploitation of systems, networks and technologies. Cyber resilience has a wider scope: it comprises cyber security and business resilience.[6] Cyber security is effective without compromising the usability of systems, and there is a robust business continuity plan to resume operations if the cyber attack is successful.

Cyber resilience helps businesses to recognize that hackers have the advantage of innovative tools, the element of surprise, and target, and that they can be successful in their attempt. This concept helps businesses to prepare, prevent, respond and successfully recover to the intended secure state. This is a cultural shift, as the organization sees security as a full-time job and embeds security best practices in day-to-day operations.[7] In comparison to cyber security, cyber resilience requires the business to think differently and be more agile in handling attacks.

See also

  • Critical infrastructure protection
  • Decentralization
  • Peer-to-peer
  • Proactive cyber defense
  • Resilience (organizational)

References

1. Björck, Fredrik; Henkel, Martin; Stirna, Janis; Zdravkovic, Jelena (2015). "Cyber Resilience – Fundamentals for a Definition". Advances in Intelligent Systems and Computing, vol. 353, pp. 311–316. Stockholm University. doi:10.1007/978-3-319-16486-1_31. ISBN 978-3-319-16485-4.
2. "What Is Security and Resilience? | Homeland Security". www.dhs.gov. 2012-12-19. https://www.dhs.gov/what-security-and-resilience. Accessed 2016-02-29.
3. "The Cyber Resilience Blueprint: A New Perspective on Security". http://www.symantec.com/content/en/us/enterprise/white_papers/b-cyber-resilience-blueprint-wp-0814.pdf
4. Ross, Ron (NIST); Graubart, Richard (MITRE); Bodeau, Deborah (MITRE); McQuaid, Rosalie (MITRE). "SP 800-160 Vol. 2 (DRAFT), Systems Security Engineering: Cyber Resiliency Considerations for the Engineering of Trustworthy Secure Systems". csrc.nist.gov. https://csrc.nist.gov/publications/detail/sp/800-160/vol-2/draft. Accessed 2018-06-20.
5. Ross, Ron (NIST); Graubart, Richard (MITRE); Bodeau, Deborah (MITRE); McQuaid, Rosalie (MITRE). "SP 800-160 Vol. 2 (DRAFT), Systems Security Engineering: Cyber Resiliency Considerations for the Engineering of Trustworthy Secure Systems". csrc.nist.gov. https://csrc.nist.gov/publications/detail/sp/800-160/vol-2/draft. Accessed 2018-06-20.
6. "Cyber Resilience". www.itgovernance.co.uk. https://www.itgovernance.co.uk/cyber-resilience. Accessed 2017-07-28.
7. Forbes Technology Council (Editors). "Cybersecurity Is Dead". Forbes. https://www.forbes.com/sites/forbestechcouncil/2017/06/06/cybersecurity-is-dead/#3d1ad0c40121. Accessed 2017-07-28.
