CybersecurityDeveloping cyber resilience to meet increasing cyberthreats

Published 27 November 2013

Managing resilience for cyber systems requires metrics that reflect the relationships among system components in physical, information, cognitive, and social domains. In a paper, researchers describe a framework for understanding the concept of cyber resilience, and lay out a systematic method by which to generate resilience metrics for cyber systems.

Managing resilience for cyber systems requires metrics that reflect the relationships among system components in physical, information, cognitive, and social domains.

Cyber threats are rapidly emerging as one of the primary security concerns for the nation and global community as targeted cyberattacks can cause severe consequences to critical infrastructure and sectors of the economy. Recent calls for action, including President Obama’s Executive Orders 13636 and Presidential Policy Directive 21, have brought the concept of “resilience” in the face of cyber attacks to the forefront of the nation’s consciousness.

A Springer release reports that in a recent special issue Environment Systems & Decisions, Dr. Igor Linkov and colleagues describe a framework for understanding the concept of cyber resilience, and lay out a systematic method by which to generate resilience metrics for cyber systems.

Resilience is the capacity of a system to withstand and recover quickly from both known and unknown threats. The study describes that managing for resilience has been difficult because the concepts of resilience and risk have been conflated and have tended to focus on narrowly defined system components or on specific networks. However, the definition of cyber systems must be expanded to include rich and varied physical, information, cognitive and social networks — or “domains” — that form an integrated whole. Thus, the discussion of resilience should recognize the role of cross-domain communication before, during and after adverse events such as cyberattacks or natural events that may disrupt the functionality of cyber systems.

The study suggests combining the military concept of network-centric operations, and the U.S. National Academies’ definition of resilience response stages to quantify and manage the resilience of a cyber system. Together, these factors form a matrix wherein a system’s resilience may be quantified using tools of multi-criteria decision.

Regarding cyber resilience, the study describes, “Transition from risk-based approaches focusing on identifying individual vulnerability and fixing them one-at-a-time, to building a whole system for resilience, is required to deal with interconnected global risks and sophisticated adversaries. The resilience matrix approach is just the first step in the process which will lead us to formulating and quantifying resilience as a network property of the system.”

— Read more Igor Linkov et al., “Resilience Metrics for Cyber Systems,” Environment Systems & Decisions (25 November 2013) (DOI: 10.1007/s10669-013-9485-y)