Cyber Resilience and Recovery

Rapid advances in computers, computer code, connected computers and information, communication and digital technologies are transforming the ability of each nation: its government, industries, organizations, and academia (NGIOA) to better identify, collect, evaluate, manage and use its information and data as never before in cyberspace, geospace and space (CGS). The rapid advances in the interconnected and inter-dependent digital networks across CGS has removed the traditional communication barriers to effectively share data and information, unleashing the capacity of digital technology to revolutionize economic, professional, personal and social lives of each one of us across nations. This transformative phenomenon has given rise to the cyber ecosystem: a complex and connected cyberspace-geospace and space (CGS) community of interconnected and interacting devices, networks, things, people and entities across NGIOA: and the environment and ecosystem of its associated infrastructure, processes and technologies supporting these complex interactions. While the cyber ecosystem’s ability to simplify the sharing of data and information has simultaneously given each NGIOA its greatest advantage and its greatest disadvantage, the disadvantages come directly from the security vulnerability of critical infrastructure, information and interests in CGS to theft, alteration, manipulation or destruction of data by criminals or other malicious actors. Irrespective of geographical location, any localized disruptions in cyberspace or through cyberspace can rapidly trigger a cascading sequence of events that can cause widespread disasters across entire CGS networks and communities. This is a cause of great concern. Each entity across NGIOA has been unwillingly and unknowingly exposed to the “unwanted contagion effects” that are prospering in the rapidly expanding cyber ecosystem. While each entity across NGIOA need to transform their use of information, communication and digital technology to maximize benefits, they must simultaneously develop cyber resilience: the ability to powerfully resist, react to and recover from potentially catastrophic cybersecurity threats, and reshape their CGS environments for increasingly secure and sustainable cyber operations.  How can that be achieved?   What is Cyber-Resilience? The term "cyber resilience" refers to any entity’s ability to withstand a cyber-attack by minimizing the disruption or negative impact that the attack has on its ability to conduct its operation in CGS, while simultaneously adapting to the rapid changes in the cyberspace and geospace—to withstand and rapidly recover from disruption due to any and all attacks: irrespective of acts of terrorism, cyber-attacks, pandemics, and catastrophic natural disasters. Each entity across NGIOA needs to have an understanding of cyber-security vulnerabilities as well as cyber-security threats to protect against cyber-attacks originating from either cyberspace or geospace, and have a plan for defending/and or defeating those attacks. In addition, each entity across NGIOA need to: Evaluate the security risks in CGS Identify the systems, data, and hardware in CGS that require security protection within and across enterprise Identify and define the key decision makers within and across enterprise who are responsible for maintaining security in CGS and who can quickly and effectively lead the response plan when an attack occurs Communicate the security resilience and response plan to internal and external executives and management Manage, monitor and report on the security resilience and response plan’s effectiveness within and across the enterprise Cyber-resilient entities that are prepared, do not just rely on traditional antivirus technology solutions and processes to achieve its cyber-resilience, they also identify and use effective leadership within and outside their enterprise boundary, culture, networks,