Cyber resilience is a management duty
Cyber resilience is more and more framed as a management duty, with the related governance recognized as one of many high governance challenges presently confronted by boards of administrators. Many sources explicitly place boards as being accountable for resilience outcomes, with some articles stressing the necessity to assign duty to a single officer. That is clearly pushed by governmental rules the place, in some nations, Board duty for cyber resilience outcomes is explicitly recognized. Articles additionally spotlight the significance of senior management in fostering a tradition of cybersecurity consciousness and resilience throughout the complete group.
Business context
The assessment additionally investigated variations in definitions and conceptualizations of cyber resilience throughout industries, and whereas variations do exist, they’re completely a mirrored image of prioritization and working setting, not basically totally different views of resilience. For instance, articles that centered on the monetary providers sector emphasised regulatory compliance and systemic stability of the ecosystem, whereas people who centered on the power and industrial sectors make it clear that the precedence is on operational continuity and security. Whereas these variations would possibly affect how resilience is carried out and measured, the underlying ideas of cyber resilience stay constant throughout industries.
Diverging views
Conceptual framing: What precisely is cyber resilience?
One space the place present cyber resilience literature diverges is within the general framing or assemble of cyber resilience. In lots of circumstances, cyber resilience is framed as a part of cybersecurity, whereas others contemplate cybersecurity a precursor to cyber resilience. In most of the reviewed articles, phrases resembling threat administration, cybersecurity preparedness and cyber resilience have been used interchangeably. Roughly 30% of articles framed cyber resilience as a really distinct assemble, differentiating it from basic cybersecurity ideas. These articles completely positioned cyber resilience as a broader strategic governance assemble.
