The National Institute for Standards and Technology (NIST) has released its new Guide for Cybersecurity Event Recovery. This is a free publication available for download at https://doi.org/10.6028/NIST.SP.800-184.
While the Guide is written originally for government use, I think it will be equally useful for the business community. To date, the primary Cybersecurity focus in the business world has been on prevention. Unfortunately, the hackers are continually advancing ahead of the defensive technologies and finding their way into what most will consider secure networks. They are doing this by targeting not just technology, but people, processes and the vast amount of social engineering data available from social media sites.
While defensive measures remain a necessity, training and response have become more important than ever. This new Guide seeks to clarify what a breached entity should be concerned with and do. It is an excellent resource to help you develop containment and recovery strategies to minimize the impact of a successful breach into your network.
The Guide is 53 pages long and I encourage you to read it. I am certain you will find valuable information and strategies that will help you in the event your business should discover that you have been hacked. The guide is technology neutral, so it focusses on the risk from an appropriate level, regardless of the technologies you have invested in. It also lays out ten specific recommendations for containment and response.
Major themes are planning, continuous improvement, recovery metrics and building a playbook. There are even two example scenarios to review that will help bring everything into context. There are also several useful appendices that provide a wealth of additional information to review.
Give it a read, you’ll be glad you did.