As we’ve seen repeatedly, and even more glaringly in light of recent events, every company needs to plan for how they would respond to a major cyber event. No matter how strong your defensive posture is, any company targeted by a sophisticated and patient attacker can be compromised. A robust response capability is essential to containing the damage and ensuring business disruption is minimized. The key to response is having a real plan that is exercised, tested, refined, and kept current. The time for developing the plan is not when the crisis hits! This chapter outlined nine key questions that companies should consider in formulating their plan on how to respond to a significant cyber crisis. There are key elements: clear delineation of responsibilities, a decision-making process, escalation framework, and crisis communications. Ultimately, the old saying is true—prior preparation prevents poor performance!
Combining Technology, Public Policy and Economics to Create a Sustainable System of Cybersecurity