As we’ve seen repeatedly, and even more glaringly in light of recent events, every company needs to plan for how they would respond to a major cyber event. No matter how strong your defensive posture is, any company targeted by a sophisticated and patient attacker can be compromised. A robust response capability is essential to containing the damage and ensuring business disruption is minimized. The key to response is having a real plan that is exercised, tested, refined, and kept current. The time for developing the plan is not when the crisis hits! This chapter outlined nine key questions that companies should consider in formulating their plan on how to respond to a significant cyber crisis. There are key elements: clear delineation of responsibilities, a decision-making process, escalation framework, and crisis communications. Ultimately, the old saying is true—prior preparation prevents poor performance!
Combining Technology, Public Policy and Economics to Create a Sustainable System of Cybersecurity
Gary McAlum is the Senior Vice President and Chief Security Officer at USAA. Prior to USAA, he served in the US Air Force for 25 years in a variety of staff and leadership positions within the information technology career field including telecommunications, deployable and satellite communications, network operations, and information security and with the front line of cyberspace operations for the Department of Defense. He holds a bachelor’s degree in Mathematics from The Citadel, a master’s degree in Management Information Systems from the University of Arizona, and a master’s degree in national resource strategy from the Industrial College of the Armed Forces. In addition, he is Certified Information Systems Security Professional (CISSP) and a Certified Fraud Examiner (CFE).