Cyber Risk Framework – Respond

The number of cyber events continues to increase sharply. This is leading to widespread recognition that some cyber events cannot be stopped. Organizations are improving their prevention capabilities with modern technology and tools while augmenting cyber event detection and response capabilities. Previous segments have dissected portions of the National Institute of Standards and Technology (NIST) cybersecurity framework related to:

• Identify assets to protect
• Protect assets
• Detect threats

The next concept to visit is the respond function. Respond represents the need to develop/implement appropriate activities to take action regarding a detected cybersecurity event. In the past, organizations focused information security efforts on cyber event protection. However, adversaries have modified attack techniques to make protection much more difficult.

Respond and recovery brings together numerous processes and activities, such as business continuity and disaster recovery planning and plan execution. The respond function supports the ability to contain the impact of a potential cybersecurity event. This segment delves deeply into concepts that must be well understood and planned in order to ensure the respond function is effective.

Training for all programs related to cyber security by this trainer are utilizing the framework of the National Institute of Standards and Technology (NIST) as a model. This information is freely available in the public domain. For more detailed information on the framework please refer to NIST.org.