Cyber Crisis Management Blueprints
The art of understanding what a crisis is and managing it is key. Enterprises need to have clear Blueprints and Frameworks established to respond to a crisis like a Ransomware attack:
1. Incident Response Plans with defined roles and responsibilities
2. Playbooks with the course of actions (CoA) to respond – both technical and management levels.
3. A system to regularly conduct TableTops and drills – clear after-action reports (AAR) to get better in response time after each drill.
4. Take up real case studies like this and see how your organization would respond. Have a catalog of them handy to tell stories to your organization.
5. Have a quick framework for identifying the adversary and Ransomware family.
Understanding when a cyber incident has the potential to become a cyber crisis, and consequently activating the crisis response process in a timely manner constitutes an extremely sensitive and fundamental step.
The transition from incident to crisis, in fact, embodies the shift from a tactical to a strategic level
of response, allowing the organization to have a more holistic and proactive handling of the situation.
Notes on the ENISA document are key. Please mail to venkat@flexibleir.com to get further details.
Ransomware Response Bootcamps – 2-day program, 1-day program, 4-hour program
FlexibleIR conducts Ransomware response boot camps to get you prepared for handling an attack. Some of the topics covered are detailed at – LINK
