VLP Partner Melissa Krasnow Authors International Risk Management Institute Article “Cyber-Security Event Recovery Plans”
VLP Partner Melissa Krasnow wrote an article for International Risk Management Institute, Inc. (IRMI) titled “Cyber-Security Event Recovery Plans.”
In December 2016, the National Institute of Standards and Technology (NIST) published a guide on cyber-security event recovery that provides information about developing a recovery plan in the form of a customized playbook before a cyber-event, as well as examples of recovery plans for a ransomware attack and data breach. Ms. Krasnow’s article sets forth items that can be included in a playbook. While the NIST Guide for Cybersecurity Event Recovery applies to US federal agencies, it should be useful to any organization.
The guide extends, but does not replace, existing federal guidelines regarding incident response. Ms. Krasnow notes that a cyber-incident response plan should be developed as part of a larger business continuity plan, which may include other plans and procedures for ensuring minimal impact to business functions (e.g., disaster recovery plans and crisis communication plans).
Click here to view the entire article on the IRMI website.Share