Tracing the evolution of cyber resilience: a historical and conceptual review

Abstract

In 2000, during a time when cyber security research was focused on the risks and threats posed by digital systems, the notion of being able to withstand and recover from cyber attacks, also known as cyber resilience, emerged. Recently, this concept has gained increasing attention due to the COVID-19 pandemic and the rapid acceleration of digitalization. While experts acknowledge the distinction between cyber security and cyber resilience, the exact definition and evolution of the latter remain somewhat ambiguous. The aim of this paper is to offer a thorough comprehension of how the notion of cyber resilience has developed throughout history. It delves into the concept of cyber resilience and its progression over time in response to the rising frequency and complexity of cyber threats. Cyber resilience, a new concept, has gained significant recognition as a critical component of cyber security strategy across diverse sectors, encompassing public and private domains alike. It begins with an overview of the definition and key components of cyber resilience and then traces the origin of the concept from its early development in the 2000s. The paper also explores the major milestones and events that have shaped the evolution of this capacity, including changes in technology and societal factors, up to the COVID-19 pandemic outbreak. This study provides valuable insights into future challenges for ensuring the continued resilience of digital infrastructure by examining the historical and contextual factors that have influenced the concept.