Cyber resilience, which is also sometimes referred to as cyber resiliency, is the ability to weather adverse events in a computing environment. The National Institute of Standards and Technology (NIST) defines cyber resilience as “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.” Cyber resilience applies to both physical and virtual assets.

Americans rely on critical infrastructures to protect the nation, maintain a strong economy, and enhance quality of life. These infrastructures—which include the electrical power grid, transportation systems, information networks, banking and finance systems, manufacturing and distribution, and more—are evolving and modernizing. They have become increasingly complex, connected, and vulnerable to adverse conditions, such as cyber and physical attacks.