Skip to Main Content
Cybersecurity Program Development for Business
book

Cybersecurity Program Development for Business

by Chris Moschovitis
May 2018
Beginner to intermediate content levelBeginner to intermediate
224 pages
6h 26m
English
Wiley
Audiobook available
Content preview from Cybersecurity Program Development for Business

CHAPTER 11Incident‐Response Planning

“You mean to tell me,” complained one executive I worked with, “that after all this work, after endless hours of assessing, valuating, cataloging, classifying, testing, planning, deploying, and educating…now I have to develop an incident‐response plan on top of it all? You'd think we'd be protected to the max!” He groaned. “Can't I at least farm it out?”

“Well, that depends….”

I call this incident‐response planning despair, the dreaded IRPD! It's dreaded partly because it comes toward the end of developing a cybersecurity program, and partly because it is so anticlimactic. It is true that a lot of work, a lot of hard work, has brought you to this point. Now, you are asked to develop a plan for when all your work has failed. Despite it all, an incident has happened, and you need to have a plan to pick up the pieces.

In the 2015 movie The Martian, the main character teaches a group of aspiring astronauts. He tells them:

…At some point, everything's gonna go south on you…everything's going to go south and you're going to say, “This is it. This is how I end.” Now you can either accept that, or you can get to work. That's all it is. You just begin. You do the math. You solve one problem…and you solve the next one…and then the next. And if you solve enough problems, you get to come home.

Honestly, if there is a better description about what an incident‐response plan really looks like, I have not found it!

Incident‐Response Planning: Not Just ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Executive's Cybersecurity Program Handbook

Executive's Cybersecurity Program Handbook

Jason Brown

Publisher Resources

ISBN: 9781119429517Purchase book