Improving Metrics in Cyber Resiliency: A Study from CSA
Blog Article Published: 08/30/2017
By Dr. Senthil Arul, Lead Author, Improving Metrics in Cyber Resiliency With the growth in cloud computing, businesses rely on the network to access information about operational assets being stored away from the local server. Decoupling information assets from other operational assets could result in poor operational resiliency if the cloud is compromised. Therefore, to keep the operational resiliency unaffected, it is essential to bolster information asset resiliency in the cloud. To study the resiliency of cloud computing, the CSA formed a research team consisting of members from both private and public sectors within the Incident Management and Forensics Working Group and the Cloud Cyber Incident Sharing Center. To measure cyber resiliency, the team leveraged a model developed to measure the resiliency of a community after an earthquake. Expanding this model to cybersecurity introduced two new variables that could be used to improve cyber resiliency.
- Elapsed Time to Identify Failure (ETIF)
- Elapsed Time to Identify Threat (ETIT)