IDC PlanScape: IT Security -- Building Enterprise Cyber-Resilience

IDC PlanScape: IT Security -- Building Enterprise Cyber-Resilience

  • January 2021 •
  • 8 pages •
  • Report ID: 6019026 •
  • Format: PDF
Cyber-resilience programs focus on building an organization's capacity to anticipate, withstand, and recover from adverse events by applying time-tested engineering principles to the system design process. The practice of resilience engineering has a long history in the world of life safety, transportation, and other disciplines where system resilience has long been a critical operational requirement. The increasing reliance of organizations on information and information systems to carry out crucial business functions now calls for these same principles to be applied to cybersystems.Fortunately, information technology (IT) professionals can draw upon the long history of resilience engineering in other fields to develop their organization's cyber-resilience practices. The National Institute of Standards and Technology (NIST) also offers a cyber-resilience engineering framework that offers a catalog of cyber-resilience best practices. These best practices may serve as the starting point for any organization's cyber-resilience program.This IDC PlanScape discusses why cyber-resilience is a critical attribute of today's enterprises and ways that senior IT executives can build cyber-resilience in their organizations. It discusses key goals and objectives on the path to greater enterprise resilience, critical stakeholders, and best practices for achieving resilience."Cyber-resilience programs complement an organization's existing cybersecurity efforts," says Mike Chapple, adjunct analyst with IDC's IT Executive Programs (IEP). "Today's business is increasingly dependent upon a complex set of technologies and integrations to meet its operational goals. Any adversity that disrupts those systems has the potential to cause significant financial and reputational damage. Cyber-resilience programs address this risk by improving the organization's ability to anticipate, withstand, and recover from adversity while adapting to changing conditions."