The Cyber Resilience Manifesto.
Cyber resilience is an extension of information security and an evolution of operational resilience. It is “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.”
The Core Values
Through this work, we have come to value:
Anticipation of Failure
Over the assumption of perfect security. We accept that systems will inevitably be breached.
Business Survivability
Over threat elimination. The absolute goal is to keep the mission and operations running.
Continuous Adaptation
Over rigid compliance frameworks. Attackers evolve rapidly, and so must our defensive posture.
Collaborative Defense
Over isolated silos. True resilience requires transparent, cross-functional organizational teamwork.
The Principles
We follow these guiding tenets to operationalize organizational resilience.
Assume Compromise
We architect our systems and organizations operating under the assumption that a breach has already occurred or is imminent.
Graceful Degradation
When under attack, systems must isolate failures and maintain critical functions, prioritizing partial operability over total collapse.
Accelerated Recovery
We invest heavily in the ability to rapidly reconstitute operations, measuring success by recovery time rather than prevention rate.
Extending the Principles
Further tenets that govern a resilient organizational mindset.
Protect What Matters Most
Identify and heavily fortify the absolute critical path of the business, accepting risk in peripheral or non-essential systems.
Automate the Response
Human reaction time is insufficient during an active event. We mandate automated isolation and pre-authorized response playbooks.
Measure by Impact
Shift metrics from 'attacks blocked' to 'mean time to recovery' and 'business impact avoided'.
Security as Code
Embed resilience requirements into the deployment pipeline, ensuring infrastructure is immutable and easily replaced.
Radical Transparency
Foster a blameless culture around security incidents to ensure rapid reporting and continuous organizational learning.
Actionable Resources
Frameworks and guides to help implement the manifesto.
Manifesto PDF
Download the formatted manifesto for offline reading, internal circulation, and board-level review.
Resilience Maturity Model
Structured evaluation model to score your current organizational posture against the manifesto's core tenets.
Board Communication
Standardized presentation templates designed to align non-technical boards with resilience-based risk management.
Join the Community
Get the PDFs
Request access to the manifesto one-page edition and the full Volume 1 PDF for offline review, board circulation, and internal sharing.
Implementation Forums
Join closed-door digital sessions with leaders who are actively executing the manifesto's principles in complex environments.
Share Your Story
Submit your post-incident learnings and resilience case studies to expand the manifesto's knowledge base.
About the Manifesto
The Cyber Resilience Manifesto was drafted by a coalition of CISOs, engineers, and risk officers who recognize that legacy security paradigms are failing under modern threat landscapes.
It operates as a living document, deliberately prioritizing actionable constraints and system survivability over theoretical completeness or perfect prevention.
Community Sponsorship
Cyber Resilience Awareness Day
High Value Target is a sponsor of the global Cyber Resilience Awareness Day at ISSA.
First Cyber Resilience Awareness Day Virtual Summit for the community.
Second annual summit with the “Resilient by Design” theme.
Cyber Resilience Awareness Day Virtual Summit
ISSA International Virtual Summits
ISSA is excited to announce the launch of the first Cyber Resilience Awareness Day Virtual Summit for the community, organized by the ISSA Cyber Resilience SIG.
Cyber Resilience Awareness Day Virtual Summit 2025
ISSA International Virtual Summits
ISSA is proud to announce the second annual Cyber Resilience Awareness Day, hosted virtually by the ISSA Cyber Resilience SIG.
The “Resilient by Design” theme is inspired by the “Secure by Design” concept from the US CISA.
Download the complete manifesto PDF.