BIR 2018 - 17th International Conference on Perspectives in Business Informatics Research

Cyber Resilience refers to an entity’s (e.g. society, organization, and information system) ability to continuously deliver the intended outcome despite adverse cyber events. Today, cyber security is overly focused on protection and information security controls, overlooking response and recovery and developing resilient-by-design systems. And if so the focus is heavily on information systems which leave the security of the business systems separated thus preventing from reaching the state of business resilience. In addition, the management of cyber security is often handled on one level only without a holistic approach to risk communication and risk. Moreover, both systems and organizations have often been designed without built-in mechanisms that can steer adjustments according to quickly changing application situations. To this end, our field should strengthen the focus on addressing resilience of businesses and their information systems in an integrated manner, which would allow establishing the concept of business resilience