The True Meaning of Cyber Incident Response
Henry Jiang
Introduction: The Next Frontier of Risk Management: Cyber Risk
A Proposed Business-Oriented Approach to Cyber
A Practical Approach to Developing a Cybersecurity Programme
Regulations, Compliance and Cyber Risk Management
The Role of Cyber Risk in the Organisation
The Evolution of the Cyber Risk Role within the Three Lines of Defence
Quantifying Cyber Risk
Leadership and Culture: The Foundations of Cyber-Risk Management
Understanding the Cyber Risk Landscape: An Integrated Framework
The Transformation of Information Security: New Threats and Vulnerabilities
Cybersecurity Metrics: The Good, the Bad and the Ugly
Third-Party Risk Management
Cybersecurity’s Neighbourhood Watch: The Strength of Information Sharing
Cyber Risks in Business Continuity Management and Supply Chain Resilience for Financial Institutions
Cybersecurity Threats to the Critical Infrastructure
The True Meaning of Cyber Incident Response
Cyber Risk: Where We Have Been, Where We Are and Where We Are Going
INTRODUCTION
As reported cybersecurity incidents increase year after year, many enterprises are shifting their cybersecurity operations from a perimeter-centric model to a more risk-centric model that looks at threats beyond just server-side breaches. In this ever-changing cybersecurity landscape, incident response has become a crucial component of organisation’s cybersecurity programme. Yet when discussing the subject of incident response, many firms find themselves not familiar with common practices in dealing with all aspects of incident response, from the governance level all the way down, to develop a tangible workflow that encompasses people, progress and technologies.
In this chapter, we examine the true meaning of incident response, which is based on common frameworks and published standards, as well as real-world examples to assist organisations to develop and to enhance their own incident response capabilities.
DEFINING CYBERSECURITY INCIDENTS
“Have we ever been breached?”
Many organisations, including the ones that have yet established a robust cybersecurity programme, often face that simple but direct question from shareholders, boards of directors, the
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@risk.net