Swipe to navigate through the chapters of this book
When does a cybersecurity incident become a crisis? Generally, when it has enterprisewide impact or when it requires activation of disaster recovery plans, it's a crisis. It's when a single compromised server becomes ten compromised servers, then a hundred, and pretty soon the entire data center is infected, damaged, or worse. Over the past several years, there have been several public instances of massive IT crises including Saudi Aramco in 2012 and Sony Pictures Entertainment in 2014. Smaller incidences occur every day, outside of the public eye. This chapter describes how things change when a crisis occurs and how enterprises behave under the duress of a crisis situation. The chapter also describes techniques for restoring IT during a crisis while simultaneously strengthening cybersecurity to protect against an active attacker who may hit your enterprise again at any moment.
Please log in to get access to this content
To get access to this content you need the following product:
This poster was developed in Great Britain as part of the preparation for World War II, but was not widely distributed at the time. The British government kept it in storage for use in case of a devastating German attack. It was rediscovered in 2000 and has since become quite popular.
- Managing a Cybersecurity Crisis
Scott E. Donaldson
Stanley G. Siegel
Chris K. Williams
- Sequence number
- Chapter number
- Chapter 10