IDC PlanScape: IT Security — Building Enterprise Cyber-Resilience

IDC PlanScape: IT Security — Building Enterprise Cyber-Resilience

Cyber-resilience programs focus on building an organization's capacity to anticipate, withstand, and recover from adverse events by applying time-tested engineering principles to the system design process. The practice of resilience engineering has a long history in the world of life safety, transportation, and other disciplines where system resilience has long been a critical operational requirement. The increasing reliance of organizations on information and information systems to carry out crucial business functions now calls for these same principles to be applied to cybersystems.Fortunately, information technology (IT) professionals can draw upon the long history of resilience engineering in other fields to develop their organization's cyber-resilience practices. The National Institute of Standards and Technology (NIST) also offers a cyber-resilience engineering framework that offers a catalog of cyber-resilience best practices. These best practices may serve as the starting point for any organization's cyber-resilience program.This IDC PlanScape discusses why cyber-resilience is a critical attribute of today's enterprises and ways that senior IT executives can build cyber-resilience in their organizations. It discusses key goals and objectives on the path to greater enterprise resilience, critical stakeholders, and best practices for achieving resilience."Cyber-resilience programs complement an organization's existing cybersecurity efforts," says Mike Chapple, adjunct analyst with IDC's IT Executive Programs (IEP). "Today's business is increasingly dependent upon a complex set of technologies and integrations to meet its operational goals. Any adversity that disrupts those systems has the potential to cause significant financial and reputational damage. Cyber-resilience programs address this risk by improving the organization's ability to anticipate, withstand, and recover from adversity while adapting to changing conditions."

Please Note: Extended description available upon request.


IDC PlanScape Figure
EXECUTIVE SUMMARY
Why Is Building Enterprise Cyber-Resilience Important?
What Is Building Enterprise Cyber-Resilience?
Cyber-Resiliency Goals
Cyber-Resiliency Objectives
Cyber-Resiliency Techniques and Approaches
Who Are the Key Stakeholders?
The Role of Executive Leadership
The Role of the CIO and IT Leadership
The Role of Technology Leaders
The Role of Business Leaders
How Can My Organization Take Advantage of Building Enterprise Cyber-Resilience?
Conduct a Cyber-Resilience Assessment
Develop and Implement a Prioritized Remediation Strategy
Integrate Cyber-Resilience into the Systems Development Life Cycle
Advice for Technology Leaders
Immediately: Prior to Budget Completion
Next Six Months: Include in Budget
Over 12–60 Months
Related Research

Download our eBook: How to Succeed Using Market Research

Learn how to effectively navigate the market research process to help guide your organization on the journey to success.

Download eBook