Recovery and reconstitution

Recovery and reconstitution refer to the capabilities needed in the wake of a cyber attack to restore the functionality and availability of networks, systems, and data. Recovery and reconstitution methods must be adequate to cope with the consequences of cyber attacks that are carried out quickly, cause extensive damage, and propagate in uncontrolled ways.

Recovery and reconstitution must be addressed and implemented in all aspects of a system – networks, operating systems, middleware, applications, and data. Capabilities for timely recovery and reconstitution are especially important in mission-critical systems, which must be able to degrade gracefully, meaning that they must be able to survive a cyber attack even if damaged and recover to an operable state that sustains mission-critical functions. Systems must be made self-healing and self-restoring to as great a degree as possible.