11FAILURE RECOVERY
When we accept that breaches are inevitable, it raises a logical question: “What then?” and directs us toward the answer we need: “Failure recovery.”
Many organizations are stuck in a cycle of
- Being surprised by a compromise
- “Cleaning up on aisle 9”
- Spending more on cleanup than they could have (or should have) spent on prevention
Since compromise is indeed an impending reality for everyone, failure recovery is one of the most critical aspects of an effective cybersecurity strategy. After learning the hard way, some prominent CISOs will be quite forthright in assuring you that “cleanup on aisle 9” is a deeply unsatisfying tactical response to a serious data breach—especially if that clean up causes an entire network to be down for days.
As speed accelerates the rate of digital business, a poorly implemented or poorly conceived failure recovery plan can often unleash an even greater level of loss than the breach itself. Not only must an organization contend with the extraordinary costs of the breach and the need to re-secure a network, but they must do it while in the freefall of post-crisis negative sentiment, loss ...
Get The Digital Big Bang now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.