CHAPTER 14: RESPOND AND RECOVER

To be truly resilient, you need to put responsive measures in place to complete the three-pronged prevention–detection–response system. That way, if an attack succeeds despite your best efforts, you can respond to and recover from it efficiently, prioritising your most critical functions and assets.

We have already discussed that incidents happen no matter how strong your security, and how detection works where prevention fails. That said, even very reliable detection will not do much good if there is no response. Having an effective prevention–detection–response system in place also improves your cyber resilience and is a form of defence in depth (see 12.12.8) – even if one measure fails, other measures will ...

Get The Cyber Security Handbook – Prepare for, respond to and recover from cyber attacks now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.