Log In
Or create an account ->
Imperial Library
Home
About
News
Upload
Forum
Help
Login/SignUp
Index
Cover
Table of Contents
Praise for Cyber Mayday and the Day After
Title Page
Copyright
Introduction: Setting the Global Stage for Cyber Resilienceintroduction
A NEW SENSE OF CYBER URGENCY
A PEEK BEHIND THE CURTAINS, AND THE MAKING OF CYBER MAYDAY AND THE DAY AFTER
THE THREE-PART BREAKDOWN
NOTES
PART I: A Leader's Guide to Preparing for the Inevitable
CHAPTER 1: If I Had a Time Machine
STARTING WITH THE UNKNOWNS – OR NOT?
AN ISOLATED PERSPECTIVE HAS MANY LIMITS
LEARNING FROM OUR PAST TO LEAD OUR FUTURE
FREQUENT RANSOMWARE ATTACKS PROMPT RESPONSE CAPABILITY ENHANCEMENTS IN NEW YORK STATE
LIKE A BAD PENNY
EDUCATION SECTOR TARGETED BY CYBERCRIMINALS
THE BATTLE CONTINUES
FIVE TAKEAWAYS
NOTES
CHAPTER 2: Fail to Plan or Plan to Fail: Cyber Disruption Response Plans and Cyber Insurance
THE MAKING OF THE MICHIGAN CYBER INITIATIVE
CONFRONTING CYBER EMERGENCIES: THE MICHIGAN CYBER DISRUPTION RESPONSE PLAN
U.S. FEDERAL GOVERNMENT GUIDANCE ON SECURITY INCIDENT HANDLING
POSITIVE SECURITY AND RISK MANAGEMENT FOR INTERNATIONAL ORGANIZATIONS
CHANGES IN THE PLANNING APPROACH POST-INCIDENT
THE WISCONSIN GOVERNMENT APPROACH TO CYBERSECURITY INCIDENT RESPONSE
A PRIVATE SECTOR PERSPECTIVE ON COMPUTER SECURITY INCIDENT RESPONSE
INCIDENT RESPONSE AND CYBER INSURANCE
NOTES
CHAPTER 3: Practice Makes Perfect: Exercises, Cyber Ranges, and BCPs
THE IMPORTANCE OF CYBER EXERCISES
HISTORY OF CYBER STORM EXERCISES
MICHIGAN PARTICIPATION IN CYBER STORM I
CYBER SCENARIOS, EXERCISE PLANS, AND PLAYBOOKS
HELP AVAILABLE, FROM A CYBER RANGE NEAR YOU
INTERNAL BUSINESS CONTINUITY PLANNING (BCP) PLAYERS
DESIGNING YOUR BCP IN ACCORDANCE WITH YOUR COMPANY'S MISSION
WHERE NEXT WITH YOUR BCP?
HOW OFTEN SHOULD WE BE RUNNING OUR BCPs?
AUTOMATED RESPONSES TO INCIDENTS
NOTES
CHAPTER 4: What a Leader Needs to Do at the Top
BUILDING RELATIONSHIPS WITH YOUR BUSINESS LEADERS
SPEAK THEIR LANGUAGE
LAYING THE GROUNDWORK
SECURITY VARIANCE
THE FUNDAMENTALS AND TOP MITIGATION STRATEGIES
SECURITY NEEDS TO HAVE A BUSINESS PURPOSE
FIGHTING THE INNATE NATURE OF A CISO
HOW SHOULD A SENIOR EXECUTIVE APPROACH CYBER ISSUES?
WHAT CAN THE BOARD CHANGE?
STORY-BASED LEADERSHIP
SETTING A SUPPORTIVE CULTURE LEADS TO CREATIVE SOLUTIONS
NOTES
PART II: Cyber Mayday: When the Alarm Goes Off
CHAPTER 5: Where Were You When the Sirens Went Off?
THE STORY OF TOLL
FINE-TUNE YOUR BCP
CYBER CRISIS IN PANDEMIC TIMES
MICROSCOPIC LESSONS – DAY ONE OF THE INCIDENT
THE RECOVERY
IMPROVEMENT WITH HINDSIGHT
THIRD-PARTY RISKS AND CYBER INSURANCE
EFFECTIVE LEADERSHIP IN TIMES OF CRISIS
A SUPPORTIVE MANAGEMENT HELPS BRING RESULTS
NOTES
CHAPTER 6:Where Do We Go When the Power Goes Off?
ASSESSING THE SITUATION
ESTABLISHING ORDER
CYBER TEAMWORK DURING A BLACKOUT
STEPPING BACK TO STEP FORWARD
PEOPLE, PROCESS, AND TECHNOLOGY IN CYBER EMERGENCIES
CISO MINDSET REGARDING SECURITY INCIDENTS
DEFINING SECURITY OPERATIONS?
MEASURING RESULTS: KEY PERFORMANCE INDICATORS
INFORMATION SHARING
STRENGTHENING PLAYBOOKS
MULTI-STATE SECURITY OPERATIONS5
NOTES
CHAPTER 7: Teamwork in the Midst of the Fire
A BIG STEP BACK – AND ANALYZING WHAT WENT RIGHT AND WRONG WITH THE JCTF PROCESSES
A PRIVATE SECTOR INCIDENT WITH A (SOMEWHAT) HAPPY ENDING
GREAT LEADERS FOSTER TEAMWORK – BUT HOW?
SEVEN TIPS TO IMPROVE TEAMWORK
NOTES
CHAPTER 8: What Went Right?
SWIFTNESS MATTERS
PROACTIVE LEADERSHIP AND TRANSPARENCY AS KEY FACTORS
AVIATION INDUSTRY LESSONS FROM A CRISIS COMMUNICATIONS RESEARCHER
COMMUNICATING CYBER CRISIS WITH CONSOLE
MEET THE WORLD'S FIRST CISO
THE BASIC KEYS OF DISASTER RESPONSE
THE PROBLEM WITH MISINFORMATION
THE STOCKWELL TUBE INCIDENT
NOTES
PART III: The Day After: Recovering from Cyber Emergencies
CHAPTER 9: The Road to Recovery
CYBER MINDSETS FROM A WAR ZONE
HINDRANCES TO AVOID
ASYMMETRIC HYBRID WARFARE (AHW)
THE ROAD TO NO RECOVERY
THE FIRST STEP IN COMMUNICATION
THE FOUR STEPS OF A CRISIS-READY FORMULA
KEY ACTIONS FOR RECOVERY
NOTES
CHAPTER 10: What Went Wrong – How Did We Miss It?
MISTAKES AND SOLUTIONS IN WISCONSIN
HOSPITAL RANSOMWARE – AND LEARNING FROM MISTAKES
HOW OVERCONFIDENCE CAN IMPACT ORGANIZATIONAL SECURITY AND CAUSE DATA BREACHES
REFLECTING ON INCIDENTS WITH A MENTOR
NOTES
CHAPTER 11: Turning Cyber Incident Lemons into Organizational Lemonade
ARE WE LEARNING FROM THESE TRUE STORIES?
CALLS FOR MORE RESILIENCE AND DOING MUCH BETTER
MORE LESSONS LEARNED
BACK TO THE BEGINNING: A CIRCULAR APPROACH TO INCIDENT RESPONSE DURING CYBER EMERGENCIES
A HELPFUL HOSPITAL EXAMPLE
MAKING LEMONADE
FIVE LESSONS FROM THE HOSPITAL ATTACK
FIVE LESSONS FROM DIVERSE INFORMATION SHARING AND ANALYSIS CENTERS (ISACs)
BRINGING IT ALL TOGETHER
THE ECOSYSTEM VIEW
LEADING BY EXAMPLE
NOTES
Free Cyber Incident Resources
CYBER INCIDENT RESPONSE PLANNING AND PLANS
STANDARDS, FRAMEWORKS, AND POLICIES
EXERCISE TEMPLATES
CYBER STRATEGY DOCUMENTS
INCIDENT RESPONSE PLAYBOOKS
CERT RESOURCES
CYBER INSURANCE GUIDANCE
LESSONS LEARNED DOCUMENTS
TRAINING OPPORTUNITIES, INCLUDING CYBER RANGES
LAWS AND REPORTING ON DATA BREACHES AND PROTECTING DATA
CRISIS COMMUNICATIONS
Acknowledgments
About the Authors
Index
End User License Agreement
← Prev
Back
Next →
← Prev
Back
Next →