8 Steps to Better Security by Kim Crawley

Author: Crawley, Kim
Language: eng
Format: epub
Publisher: John Wiley & Sons, Incorporated
Published: 2021-08-13T00:00:00+00:00


Respond

If we have established the first three functions of the NIST Cybersecurity Framework, we'll be able to notice anomalies and events that may indicate cyber incidents clearly and quickly. This leads to the fourth function, Respond, which is NIST's equivalent of the identification or analysis phase in the generic incident response cycle. The Respond function has six tasks.

At this point, we have made sure that if something suspicious happens in our networks, we can see it. Now we have to do something about it. How your organization responds to a possible cyberattack can make all the difference to your cyber resilience, public reputation, and corporate bottom line. A fast, thorough, and effective response can make a huge difference when it comes to how much harm cyber attackers can do to your precious data assets and systems. Like some forms of cancer, if you catch it quickly, you may even be able to get rid of it completely. The most destructive cyberattacks are the ones that are given plenty of time to do as much damage as they possibly can. You have to make sure your organization is able to fight back ferociously and quickly.

To respond to cyber incidents effectively, the first task is to plan your incident response. Your organization should designate a computer security incident response team (CSIRT). Then, you should sit down with your CSIRT and develop plans for addressing a variety of different types of cyber incidents. What should you do if you discover a data breach or malware that affects multiple clients, servers, and networking devices in your network? What if there are indications of an advanced persistent threat in your network? What if multiple devices in your network are hit with distributed denial-of-service (DDoS) attacks simultaneously? Your CISO and other cybersecurity specialists should have a good idea of the different types of cyber threats your network may face. Make sure your organization designs many specific incident response procedures, and make sure you all understand what each of you is supposed to do in each situation. Think of it like doing a fire drill. These incident response procedures may be conducted during and after a cyberattack, depending on the specifics of the situation.

This task is largely the responsibility of your CISO, your legal team, and your public relations team. Depending on the nature of the incident, you may need to contact law enforcement to initiate a thorough criminal investigation. Determine whether the incident has affected your supply chain, your customers, or other stakeholders. If so, how has the incident affected them, or how may it affect them in the near future? Take all of that information and, with the help of legal and public relations specialists, determine how you should be communicating with them about the incident. Also consider your regulatory compliance responsibilities. For example, some data privacy regulations mandate that data breaches are publicly reported within a certain timeframe or else your organization could face expensive fines.

Once a cyber incident has happened, it's time to figure out why and to determine the effectiveness of your response.


