User:Shawndouglas/sandbox/sublevel3

From LIMSWiki
Jump to navigationJump to search

A lot of this material has already been developed as part of your overall cybersecurity plan, but it is all relevant to developing incident response plans. Having the list of technological components and their criticality will help you create the organizational hierarchy of the various aspects of your incident response and business continuity plans. Having the formal recovery processes in place beforehand allows your organization to develop training exercises around them, increasing preparedness. Application dependency mapping allows you to "understand risk, model policy, create mitigation strategies, set up compensating controls, and verify that those policies, strategies, and controls are working as you intend to mitigate risk."[1] Knowing who's in charge of what aspect of recovery ensures a more rapid approach. And having a communication and information sharing strategy in place helps to limit rumors and transparently relate what happened, what's being done, and what the future looks like after the cyber incident.

References

  1. Kirner, P.J. (9 August 2017). "You need a map to evolve security". Time for a {r}evolution in data center and cloud security. Illumio. Archived from the original on 04 December 2019. https://web.archive.org/web/20191204160526/https://www.illumio.com/blog/security-evolution-application-mapping. Retrieved 23 July 2020.