Chapter 1 – Cybersecurity is (Not) an IT Issue
Chapter 2 – Effective Cybersecurity Principles for Boards of Directors
Chapter 3 – Structuring for the Digital Age
Chapter 4 – A Modern Approach to Assessing Cyber Risk
Chapter 5 – The Role of HR Functions in Scaling Cybersecurity and Building Trust
Chapter 6 – Cybersecurity and the Office of the General Counsel
Chapter 7 – Cybersecurity Audit and Compliance Considerations
Chapter 8 – Cyber Supply Chain and Third-Party Risk Management
Chapter 9 – Technical Operations
Chapter 10 – Crisis Management
Chapter 11 – Cybersecurity Considerations During M&A Phases
Chapter 12 – Developing Relationships with the Cybersecurity Team
As we’ve seen repeatedly, and even more glaringly in light of recent events, every company needs to plan for how it would respond to a major cyber event. No matter how strong its defensive posture is, any company targeted by a sophisticated and patient attacker can be compromised. A robust response capability is essential to containing the damage and minimizing business disruption. The key to response is having a real plan that is exercised, tested, refined, and kept current. The time for developing the plan is not when the crisis hits! This chapter outlined nine key questions that companies should consider in formulating their plan for responding to a significant cyber crisis. The key elements are a clear delineation of responsibilities, a decision-making process, an escalation framework, and crisis communications. Ultimately, the old saying is true: prior preparation prevents poor performance!