This IDC Perspective looks at the term cyber-resilience, a relatively recent term that has been coined to encompass the ability of a business to deliver core IT services. The concepts of backup and recovery are not new, traditionally playing a strong role in IT as computer systems were once less stable than today. As the post-Stuxnet era has exposed organizations to new risks, the attention to backup and recovery best practices waned. Thus vendors are now looking to capitalize on the new normal for cybersecurity, extending it to include a complete cyber-resilience program in order to survive the inevitable breaches by redefining the "problem" holistically. The concepts borrow heavily from cybersecurity, backup and disaster recovery tools, and business continuity principles. Vendor success will be defined by their ability to convince businesses to expand their mindset from the detect and protect principles of cybersecurity to the continual workflow like nature of cyber-resilience.
"The concept of cyber-resiliency does not need to be a brand new discipline for organizations. Prior investments in business continuity can be leveraged with the cyberdefense principles of identify, protect, detect, respond, and recover to give organizations the ability to have a robust cyber-resiliency program," according to Craig Robinson, program director, Security Services.