Home // CYBER 2024, The Ninth International Conference on Cyber-Technologies and Cyber-Systems // View article
Authors:
Anne Coull
Keywords: cyber resilience; recovery; major cyber security incident; playbook.
Abstract:
As the threat landscape continues to escalate, organisational leaders are realising that they cannot prevent every cyber incident. The cyber security lens is shifting its focus toward the need for resilience, and the ability to recover from Major Cyber Security Incidents. Cyber incident recovery differs from every day IT incident recovery. The threat actors will have been in the systems domain establishing a foothold, installing malware, and exfiltrating data prior to their presence being noticed. Following the standard IT recovery playbooks will exacerbate the situation, causing confusion and delays. Preparation is the key to cyber incident and recovery readiness. This paper outlines a practical approach for IT and cyber operational teams to apply that will prepare them for major cyber events so that in the heat of an incident, they have the tools at hand, the confidence, and the capability to deal with the situation and the ability to recover within resilience appetite and tolerance.
Pages: 31 to 37
Copyright: Copyright (c) IARIA, 2024
Publication date: September 29, 2024
Published in: conference
ISSN: 2519-8599
ISBN: 978-1-68558-186-2
Location: Venice, Italy
Dates: from September 29, 2024 to October 3, 2024