{"id":7432,"date":"2019-03-05T00:12:18","date_gmt":"2019-03-04T16:12:18","guid":{"rendered":"https:\/\/www.microdium.net\/public\/what-should-a-cyber-incident-playbook-include\/"},"modified":"2019-03-05T00:12:18","modified_gmt":"2019-03-04T16:12:18","slug":"what-should-a-cyber-incident-playbook-include","status":"publish","type":"post","link":"https:\/\/www.microdium.com\/public\/2019\/03\/05\/what-should-a-cyber-incident-playbook-include\/","title":{"rendered":"What should a cyber incident playbook include?"},"content":{"rendered":"<div class=\"K2FeedImage\"><img decoding=\"async\" src=\"https:\/\/www.microdium.net\/public\/wp-content\/uploads\/2019\/03\/1686497496b5223223e0cbefe1fc2cf6_S.jpg\" alt=\"What should a cyber incident playbook include?\" \/><\/div>\n<div class=\"K2FeedIntroText\">\n<p><em>Charlie Maclean Bristol explains why developing a playbook for the main types of cyber attacks will help businesses respond effectively when an attack occurs. He also provides a checklist covering the areas that such a playbook should include.<\/em><\/p>\n<p>When I first thought about cyber playbooks I envisaged the playbook helping senior management or the crisis team make a key decision in a cyber incident, such as whether or not to unplug the organization from the internet and prevent any network traffic on the organization\u2019s IT network. As this is a critical decision for the organization and the consequences of making the wrong decision are huge, this type of playbook would help the team understand, at short notice, what factors they should consider and the impact of the different decisions they could make.<\/p>\n<p>I was running a cyber exercise a couple of weeks ago and suddenly thought that there was a need for another type of playbook, which is basically a plan for how to deal with different types of cyber attack. 
As we know, the more planning we do the better prepared we will be for managing an incident, and thinking through how we would respond throws up questions and issues which we can work to solve, without the cold sweat and pressure of the incident taking place.<\/p>\n<p>Cyber response should be in two parts. Firstly, you need an incident management team to manage the consequences of the cyber-attack. This team is separate from a cyber incident response team, who should deal with the technical response, and should concentrate on restoring the organization\u2019s IT service. The organization\u2019s incident management team can be the same as the crisis management team, as they are going to be dealing with the reputation and strategic impacts of the incident.<\/p>\n<p>&#8230;<\/p>\n<p><a href=\"https:\/\/www.continuitycentral.com\/index.php\/news\/technology\/3784-what-should-a-cyber-incident-playbook-include\">https:\/\/www.continuitycentral.com\/index.php\/news\/technology\/3784-what-should-a-cyber-incident-playbook-include<\/a><\/p>\n<\/div>\n<p>Source: DRJ New feed<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Charlie Maclean Bristol explains why developing a playbook for the main types of cyber attacks will help businesses respond effectively when an attack occurs. He also provides a checklist covering the areas that such a playbook should include. 
When I first thought about cyber playbooks I envisaged the playbook helping senior management or the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":7433,"comment_status":"false","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[15],"class_list":["post-7432","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-disaster-recovery-cybersecurity-news-malaysia","tag-about"],"_links":{"self":[{"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/posts\/7432","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/comments?post=7432"}],"version-history":[{"count":0,"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/posts\/7432\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/media?parent=7432"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/categories?post=7432"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microdium.com\/public\/wp-json\/wp\/v2\/tags?post=7432"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}