Cyber resilience, the ability for positive adaptation in the face of adverse cyber events, is seen as an evolution in the cybersecurity posture of organizations and countries. It represents a mindset shift from protection and avoidance of adverse cyber events and the development of fail safe systems to anticipation and planning for adverse cyber events, including the development of systems that are safe to fail. At the national level, the adoption and incorporation of resilience thinking in the national cybersecurity strategies is given impetus by several factors, including the inevitability of both known and unknown cyber risks, as well as the demands for holistic resilience from multilateral frameworks, including the United Nations 2030 Sustainable Development agenda, the New Urban Agenda, and the Sendai framework. This report presents findings from a review of the national cybersecurity strategies of several countries in the Asia Pacific region. The review is framed along several lines of inquiry that explore the extent to which the countries incorporate whole of society cyber resilience in their national cybersecurity strategies. While most countries give recognition of the importance of cyber resilience, few countries provide a detailed operationalization of cyber resilience in their strategies. Not surprisingly, the pattern, that countries with higher cybersecurity maturity have a more nuanced articulation of cyber resilience, is noted from the review. However, some countries with lower cybersecurity maturity are noted to provide more apparent avenues for the engagement of civil society stakeholders, including third sector organizations, in the cybersecurity strategies. The report advances the importance of considering cyber resilience at the individual, community, national and global levels, and makes recommendations on how countries could operationalize whole of society cyber resilience.
Source: United Nations University, https://collections.unu.edu/view/UNU:7760