Recovery from a cybersecurity incident is a critical aspect of today’s business plan. Due to the number and level of cyber threats, organizations are best to assume some type of incident “will” occur rather than assuming it “will not occur”.
The recover function is the final step in the National Institute of Standards and Technology (NIST) Cybersecurity framework. NIST defines an event as any observable occurrence in a system or network. An incident is defined as a violation of acceptable policies, or security policies and best practices. A cyber event is a specific cybersecurity incident or set of related cybersecurity incidents that result in the successful compromise of one or more information systems.
Capabilities in the Recover function have a significant effect by providing realistic data for improving other capabilities.The Cybersecurity Strategy and Implementation Plan (CSIP) defines recover as:
- The development/ implementation of plan/ processes/procedures for recovery and full restoration, in a timely manner, of capabilities or services that are impaired due to a cyber event.
Recovery according to NIST involves adequate recovery planning, improvement implementation and communication. This session explores each of these components along with various elements which will assist the organization in planning for an effective recovery.
Training for all programs related to cyber security by this trainer are utilizing the framework of the National Institute of Standards and Technology (NIST) as a model. This information is freely available in the public domain. For more detailed information on the framework please refer to NIST.org.
Learning Objectives
- Explore the purpose and objectives of the Recovery phase in a cyber risk assessment.
- Identify elements required for recovery planning.
- Explore Recovery planning development of procedures.
- Identify processes to initiate Recovery planning procedures.
- Explore the strategic component of the Recovery process.
- Identify the root cause of incidents.
- Explore improvement methods for the Recovery phase.
- Explore communication methods for the Recovery phase.
Included In Certifications
This course is included in the following Certification Programs:
13 CoursesCorporate Cyber Security Certification
- Cyber Threat – The Modern-Day Fraud: Breaches and Actions
- A Primer on Cyber Security Programs and Roles
- Cyber Risk Frameworks And Concepts
- Cyber Risk Framework - Identify Assets
- Cyber Risk Framework - Prioritize Assets
- Cyber Risk Framework - Protect Assets
- Cyber Risk Framework - Detect Part One
- Cyber Risk Framework - Detect Threats Part Two
- Cyber Risk Framework - Respond
- Cyber Risk Framework - Recover
- Cyber Risk Framework - Utilizing The Tier Approach
- Fraud and Personal Identity Theft
- Fraud and Business Identity Theft
14 Reviews (64 ratings)
Prerequisites
No Advanced Preparation or Prerequisites are needed for this course. However, it is recommended to take the other courses in the series prior to completing this one.