The Cyber Resilience Manifesto

Cyber resilience is an extension of information security and an evolution of operational resilience. It is “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.”

Chapter 01

Definition and operating posture

The manifesto starts with a simple premise: cyber resilience is not an abstract security aspiration. It is a practical operating capability built to preserve mission continuity under adverse cyber conditions.

Definition

Cyber resilience

The ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on cyber resources.

Reference: NIST SP 800-160 Vol. 2

Core posture

Design for survivability

The goal is not perfect prevention. The goal is to preserve critical operations, protect what matters most, and restore trusted capability fast.

Four goals of cyber resilience

Cyber resilience is only useful when it can be expressed as concrete organizational goals. These four goals define what resilient organizations should be able to do before, during, and after disruption.

Goal 01

To anticipate

Understand likely threats, exposed pathways, and fragile dependencies early enough to shape architecture and response before the incident begins.

Goal 02

To withstand

Maintain essential performance under stress so the enterprise can continue operating even when parts of the environment are degraded or compromised.

Goal 03

To recover

Restore critical services, trusted data, and business confidence with rehearsed procedures, validated dependencies, and clear ownership.

Goal 04

To adapt

Use evidence from incidents, exercises, and external events to improve systems, priorities, and behaviors before the next disruption arrives.

Resilience in time

A cyber incident unfolds faster than recovery

Resilient organizations anticipate before the event, withstand the initial shock, recover critical capability in sequence, and adapt before the next disruption arrives.

The challenge is that attack execution often happens in hours or days, while restoration can take weeks or months. The enterprise has to be designed for that mismatch.

Figure: a timeline that visualizes how resilient organizations anticipate, withstand, recover, and adapt across an attack.
Cyber resilience demands the ability to anticipate, withstand, recover, and adapt across a timeline in which operational pressure escalates faster than most organizations recover.
