What Is Cyber Resilience?

Cyber resilience is the ability to prepare for, respond to and recover from cyber attacks. As ransomware and malware attacks are rising globally, companies are preparing for a compromised future.

March 26, 2021 3 minute read

Many global organizations now regard state-sponsored cybersecurity attacks as a major threat. Ransomware attacks have become the most lucrative cyber-crime area — in 2020 approximately 58% of ransomware victims paid versus 39% in 2017. It's no wonder — attacks ranging from nuisance malware to more sophisticated attacks can cripple an entire organization.  

To mitigate cybersecurity risks, organizations of all sizes and industries are exploring more robust capabilities and frameworks to respond to these attacks. This advanced capability is called cyber resilience. It gives an organization the ability to prepare for, withstand, recover from and adapt to adverse conditions, stresses, attacks or compromises on cyber resources.

What is cyber resilience? 

Cyber resilience is the ability to prepare for, respond to and recover from cyber attacks. Most organizations have business continuity (BC) and disaster recovery (DR) plans in place. These plans tend to be broad — covering many applications and services — but are typically designed for scenarios when just a few apps, services or a data center go offline due to a single event such as a flood, tornado or hurricane. What these plans don’t account for are events where the entire IT ecosystem is at risk. Many organizations see cyber resilience as an extension or evolution of their BCDR strategy

​Cyber resilience focuses on scenarios where the entire  IT ecosystem, including everything from end-user devices to core IT services, is affected by a cyber event. Cyber resilience plans are activated only after traditional disaster recovery plans have proven ineffective, typically due to data and systems compromised by malware. In this crisis scenario, only mission-critical services are rebuilt and maintained to keep an organization alive while recovering. 

What is cyber recovery? 

Cyber recovery, also called isolated recovery, is a data protection solution intended to address the risk associated with ransomware attacks and other critical cyber attacks. It replicates and isolates business data to limit the impact on the business.

It’s essential to distinguish cyber resilience from cyber recovery, which is a core piece of a a larger cyber resilience plan. Cyber recovery only recovers a recent, clean copy of application and service data. Cyber resilience is broader and addresses recovery of all services and infrastructure needed to run critical business services. It accounts for application services like Active Directory (AD), Key Management Systems (KMS), Public Key Infrastructure (PKI) and Domain Name System (DNS), in addition to the data that a cyber recovery solution provides. 

Learn more

WWT’s cyber resiliency solution weaves people, process and technology considerations together to provide a complete solution for our customers to recover from a cyber event. We want to invite you to a briefing with WWT experts to explore how to best protect your organization from cyber events.  

Learn more about our cyber resiliency services.
Share this