What Risk Resilience Measures Can I Use?

Abstract

The question “What resilience measures can I use?” addresses how to reduce the impact and consequences of successful cyberattacks. The chapter begins with a case study analyzing how Capital One recovered after being hacked and highlighting how your organization can use planning to facilitate cyber resilience. It illuminates the technical means for enabling resilience from an attack, including virtualization and maintaining backups. It defines a ten-step process for responding to cyberattacks: prevention, planning, preparation, detection, analysis, containment, communication, eradication, recovery, and post-event analysis. The chapter explains how an organization can build a computer security incident response team (CSIRT) to facilitate this process, and what role a cyber crisis communication plan should play. The chapter concludes with Rosenbach’s Embedded Endurance strategy experience supporting the White House in crafting a national cyberattack resilience and response plan.