Cyber resilience effort and strategy have traditionally been considered from the position of enabling governments and businesses to deliver the intended outcomes despite disruptions to information and communication systems. There has also been a general focus on the security and resilience of critical information infrastructures, such as industrial control systems, supervisory control, and data acquisition systems, and also on vital sectors, such as telecommunications, banking, and health services.

Despite the tendency for cyber resilience to be framed from narrow technologies and systems domains, it is an attribute of the whole system and should be considered not only from the perspective of the siloed operational domains but also of the interdependent and interconnected cyber ecosystem.