Interested in hearing how folks define “cyber resilience” for their current org – is it mainly about minimizing risk/potential losses for you, minimizing MTTR, or something else altogether?
Well, cyber resilience is an ongoing process, and we must continuously adapt and improve our cybersecurity measures to address emerging threats and evolving technologies. So there are many management controls to achieve.
"Cyber resilience" refers to an organization's ability to withstand, adapt to, and quickly recover from cyber threats, incidents, and disruptions while minimizing the impact on its operations, assets, and reputation. The specific definition and focus of cyber resilience can vary among organizations, but it generally encompasses more than just minimizing risk or reducing Mean Time to Recovery (MTTR). Here are some common aspects organizations consider when defining cyber resilience:
Minimizing Risk: Cyber resilience involves identifying, assessing, and managing risks associated with cyber threats and vulnerabilities. Organizations focus on implementing preventive measures and controls to minimize the likelihood of successful cyber attacks, such as robust security measures, regular vulnerability assessments, and employee awareness programs.
Rapid Recovery and Continuity: Cyber resilience emphasizes the ability to recover quickly from cyber incidents and disruptions. Organizations strive to minimize the downtime and impact on critical business functions, systems, and services. This includes having incident response plans, backups, and disaster recovery strategies in place to restore operations swiftly and effectively.
Adaptability and Flexibility: Cyber resilience acknowledges the evolving nature of cyber threats and the need for adaptive defenses. Organizations focus on building flexible and scalable security architectures that can respond to new and emerging threats effectively. This may involve implementing advanced threat detection technologies, employing threat intelligence, and staying updated with security best practices.
Business Alignment: Cyber resilience considers the alignment of cybersecurity efforts with the organization's overall business goals and objectives. It involves understanding the potential impact of cyber incidents on critical business functions, assets, and stakeholders. This alignment helps prioritize cyber resilience initiatives and ensures that investments in cybersecurity support the organization's strategic objectives.
Stakeholder Engagement: Cyber resilience recognizes the importance of engaging stakeholders at all levels, including executives, employees, customers, partners, and regulators. Effective communication, collaboration, and coordination among stakeholders help build a culture of cybersecurity awareness, response readiness, and collective responsibility.
Overall, cyber resilience encompasses a holistic approach to cybersecurity that goes beyond risk reduction and MTTR. It focuses on building an organization's capacity to withstand and recover from cyber threats while maintaining critical business functions and protecting its assets and reputation.
Cyber resilience can vary in definition depending on the organization and its specific goals. Generally, cyber resilience refers to an organization's ability to prevent, detect, respond to, and recover from cyber threats and incidents effectively. It involves a combination of strategies, technologies, processes, and people to ensure the continuity of critical operations and minimize the impact of cyber attacks.
For some organizations, cyber resilience may indeed focus on minimizing the risk and potential losses associated with cyber incidents. This could involve implementing robust security measures, conducting regular risk assessments, and establishing incident response plans.
Others may prioritize minimizing Mean Time to Respond (MTTR) to cyber incidents. They might emphasize the speed at which they can detect and mitigate threats, aiming to reduce the overall impact and downtime caused by an attack.
However, it's important to note that cyber resilience can encompass broader aspects as well. Some organizations may view it as a holistic approach that includes not only risk mitigation and MTTR but also fostering a culture of security awareness, investing in employee training, and promoting proactive measures to prevent cyber incidents.
Ultimately, the definition of cyber resilience can vary based on an organization's specific needs, industry, regulatory requirements, and overall risk appetite.
It's a combination of things, as many of the other respondents have mentioned. Prevent - be a hard target by keeping your systems up to date and having a defense-in-depth approach. Detect - be vigilant in your monitoring so you can identify systems at risk (and fix them) and systems that are acting peculiar (so you can shut them down, even if only temporarily). Repair - have resilience through your DR/BCP systems, just in case. The knowing is easy; the doing is the hard part. Test all of these systems thoroughly and often. If that's really difficult for you to do, that's the sign that you haven't gotten it right yet.
It is heavily based on looking holistically and comprehensively at all layers of the stack to have defense in depth at all layers as it is never reasonable to rely on a single control, enforcement point or policy to defend against all cyber attacks.