Guidance Recover 17

Guidance Note:

Government, law enforcement, internet companies, individual users, ISPs and businesses should all be working together to protect networks, follow good cyber-hygiene, mitigate threats and bring offenders to justice. This is especially important with regards to information sharing and consultation.

------

The government, including its National Cyber Security Centre run all sorts of outreach, seminar and training programmes to co-ordinate with organisations all across the world. Making sure your business is tied in with the latest programmes guarantees proper resilience in a dangerous world.

Guidance Recover 16

Guidance Note:

The purpose of business continuity planning (BCP) and disaster recovery planning (DRP) is to enable a business to continue offering critical services in the event of a disruption and to survive a disastrous interruption to activities. This is especially important for recovering from a cyber-security incident.

------

A business recovery plan ensures you can get hit but keep going. Your most important business services should have a plan to keep afloat through back-ups and recovery preparation.

Guidance Respond 15

Guidance Note:

Security awareness training incorporating the latest cyber-security news and events can be performed in a variety of ways that can be utilised alone or in conjunction with each other. Those mediums can consist of a more thorough classroom-style training, creation of a security-awareness website, pushing helpful hints onto computers when users start them up and/or e-mailing helpful hints on a weekly or monthly basis, and utilising visual aids like posters.

------

The only way to make sure that your defences are as up to date as possible is to study other cyber- security incidents that are occurring all over the world. By learning from other's misfortunes, you can ensure you're better prepared to stop attacks.

Guidance Respond 14

Guidance Note:

Ensuring that all personnel have an understanding of sensitive information, common security risks, and basic steps to prevent security breaches is vital to preventing potential compromising of data.

------

Your organisation is only as strong as the people in it. This is simply making sure they know what to do if something awry happens and can recover properly.

Guidance Respond 13

Guidance Note:

Incident response is a formal programme that prepares an organisation for an incident. Incident response generally includes:

  1. Preparation to establish roles, responsibilities and plans for how an incident will be handled
  2. Detection and Analysis capabilities to identify incidents as early as possible and effectively assess the nature of the incident
  3. Investigation capability if identifying an adversary is required
  4. Mitigation and Recovery procedures to contain the incident, reduce losses and return operations to normal
  5. Post-incident Analysis to determine corrective actions to prevent similar incidents in the future

------

Being fully prepared for how exactly to respond to a major incident that damages your organisation, including how important the different parts of your organisation are and how quickly each has to recover to full capacity is extremely important.