Organizations across all industries increasingly rely on digital information to execute their business processes and support core business functions. Digital information that is of value to enterprises is also often a valuable and appealing target for threat actors. As a result, it requires protection in the same way as assets do in the physical world. Organizations implement safeguards to minimize risk arising from internal and external factors that might have a detrimental impact on their business. Cyber breach response plays a vital role in this process.

Building an effective cyber breach response program starts with strategy. Strategy is a process that allows organizations to achieve a vision and ensure that everyone is working toward the same goal. It enables this by providing a sense of direction and helping enterprises set measurable goals. A sound strategy also allows organizations to align capabilities to business objectives and manage residual risk when other controls fail.

This chapter discusses relevant foundational cybersecurity concepts, explains drivers for cyber breach response, and discusses the critical building blocks of strategy relating to cyber breach response.

Evolving Threat Landscape

Cyber breach response is typically a part of a more comprehensive cybersecurity program. Enterprises build cybersecurity programs to manage cyber risk and to ensure that they can continue business operations during significant ...