
A Journey in Organizational Resilience: Crisis Management

From George Platsis, writing in Security Intelligence…

So far in this organizational resilience journey, we have focused mainly on the planning phase, or, as some call it, ‘left of the boom’. For a moment, let’s look at a ‘right of the boom’ (post-incident) theme: crisis management (CM), an important component of your cyber resilience planning.

A good CM plan will be part of a larger governance cybersecurity framework (a topic that we look at in the next piece) and has an emphasis on a vital attribute: communications. Carrying out a CM plan requires knowing roles and responsibilities, when to escalate, when to act, and what (and what not!) to say.

How Cyber Resilience Is Like a Movie

Imagine an incident or cyber resilience crisis to be like a movie. First, you will be introduced to characters (roles). Then, you will learn to understand how they interact (responsibilities). You will then see them respond to an incident (escalation). And finally, see how they respond (act).

In your typical CM plan, your cast of characters will include your security operations center analysts, incident response (IR) team members, supervisors, the chief information security officer, the C-suite, board, general counsel, communications staff and even external partners (think public relations firm, external counsel, external IR consultants, third-party vendors, law enforcement and even news agencies). All these characters have a role to play.

Let’s go back for a moment to the governance issue. If you are running in a disparate manner, the phase after the incident will feel like chaos while your precious data is being stolen or destroyed. It’s like a movie with no script, no character arcs, and the only thing you know for certain is that something bad will happen.

A Boring Movie Is a Better Movie

CM planning is like writing a movie script. Sure, you may make some changes along the way, but for the most part, the story is set. Your CM plan maps out:

  • Roles and responsibilities
  • Interactions between parties
  • Escalation measures and decision matrix
  • Activating involvement
  • Messaging
  • Reporting

