Published: December 1, 2018
Citation: IEEE Security & Privacy vol. 16, no. 6, (November/December 2018) pp. 71-75
Author(s)
Xiaoyan Sun (California State University), Peng Liu (Penn State University), Anoop Singhal (NIST)
Cyberresiliency is the capability of an enterprise network to continuously provide (the supported missions and business processes with) essential functions in the midst of an attack campaign. It is defined as "the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that include cyber resources." Conceptually speaking, the capability can be measured by whether the supported missions and business processes can succeed in spite of the various effects being caused by the attack campaign.
Cyberresiliency is the capability of an enterprise network to continuously provide (the supported missions and business processes with) essential functions in the midst of an attack campaign. It is defined as "the ability to anticipate, withstand, recover from, and adapt to adverse conditions,...
See full abstract
Cyberresiliency is the capability of an enterprise network to continuously provide (the supported missions and business processes with) essential functions in the midst of an attack campaign. It is defined as "the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that include cyber resources." Conceptually speaking, the capability can be measured by whether the supported missions and business processes can succeed in spite of the various effects being caused by the attack campaign.
Hide full abstract
Keywords
threat modeling; cloud infrastructure; attack surface; attack tree; attack graph; security metrics
Control Families
None selected