IDC PlanScape: IT Security — Building Enterprise Cyber-Resilience
Cyber-resilience programs focus on building an organization's capacity to anticipate, withstand, and recover from adverse events by applying time-tested engineering principles to the system design process. The practice of resilience engineering has a long history in the world of life safety, transportation, and other disciplines where system resilience has long been a critical operational requirement. The increasing reliance of organizations on information and information systems to carry out crucial business functions now calls for these same principles to be applied to cybersystems.Fortunately, information technology (IT) professionals can draw upon the long history of resilience engineering in other fields to develop their organization's cyber-resilience practices. The National Institute of Standards and Technology (NIST) also offers a cyber-resilience engineering framework that offers a catalog of cyber-resilience best practices. These best practices may serve as the starting point for any organization's cyber-resilience program.This IDC PlanScape discusses why cyber-resilience is a critical attribute of today's enterprises and ways that senior IT executives can build cyber-resilience in their organizations. It discusses key goals and objectives on the path to greater enterprise resilience, critical stakeholders, and best practices for achieving resilience."Cyber-resilience programs complement an organization's existing cybersecurity efforts," says Mike Chapple, adjunct analyst with IDC's IT Executive Programs (IEP). "Today's business is increasingly dependent upon a complex set of technologies and integrations to meet its operational goals. Any adversity that disrupts those systems has the potential to cause significant financial and reputational damage. Cyber-resilience programs address this risk by improving the organization's ability to anticipate, withstand, and recover from adversity while adapting to changing conditions."
Please Note: Extended description available upon request.
- IDC PlanScape Figure
- EXECUTIVE SUMMARY
- Why Is Building Enterprise Cyber-Resilience Important?
- What Is Building Enterprise Cyber-Resilience?
- Cyber-Resiliency Goals
- Cyber-Resiliency Objectives
- Cyber-Resiliency Techniques and Approaches
- Who Are the Key Stakeholders?
- The Role of Executive Leadership
- The Role of the CIO and IT Leadership
- The Role of Technology Leaders
- The Role of Business Leaders
- How Can My Organization Take Advantage of Building Enterprise Cyber-Resilience?
- Conduct a Cyber-Resilience Assessment
- Develop and Implement a Prioritized Remediation Strategy
- Integrate Cyber-Resilience into the Systems Development Life Cycle
- Advice for Technology Leaders
- Immediately: Prior to Budget Completion
- Next Six Months: Include in Budget
- Over 12–60 Months
- Related Research
Research Assistance
Learn how to effectively navigate the market research process to help guide your organization on the journey to success.
Download eBook