Cyber Resiliency Engineering Overview of the Architectural Assessment Process

Missions, business functions, organizations, and nations are increasingly dependent on cyberspace where attacks are no longer limited to simple discrete events such as the spread of a virus or a denial-of-service attack. Therefore, architecture and systems engineering must assume systems or components have been compromised and missions and business functions must continue to operate despite compromises. A growing number of technologies and architectural practices can be used to improve resilience to cyber threats. However, these improvements come with costs as well as benefits. Cyber resiliency assessments are intended to identify where, how, and when cyber resiliency techniques can be applied to improve architectural resiliency in a cost-effective way.