Security Resilience: Contemporary Thinking
Security resilience means the ability of an organisation to resist the impact of or recover from an abnormal event. The objective is often evidenced through business continuity and disaster recovery strategies.
Two basic methods to build resiliency in an organisation involve redundancy and diversity. Redundancy basically means there are duplications within a system such as alarms or monitoring so if there is a system failure there will be an immediately available backup or alternative system. Diversity within a security system means where a system fails and there is a redundant system, the components and communication methods that apply within the systems should be different so any failures in one will not arise in the other.
Critical infrastructure is one example where redundancy and diversity must apply.
Security leaders should carefully review their systems and consider the benefits of a redundant and diverse system.