Noting an overall rise in cybersecurity incidents and inconsistent response capabilities across the federal government, the National Institute of Standards and Technology has published the “Guide for Cybersecurity Event Recovery” to assist agencies in developing plans, processes and procedures to fully restore a weakened system.
“It’s no longer if you are going to have a cybersecurity event, it is when,” said computer scientist Murugiah Souppaya, one of the guide’s authors.
According to the Cybersecurity Strategy and Information Plan, published by the Office of Management and Budget, recovery could involve a simple data backup or a far more complicated process of bringing a system back online in stages.
The NIST guide addresses this critical facet of risk management by consolidating existing guidance on incident handling and contingency planning, while offering a framework for organizations needing to create strategic playbooks for data breaches, ransomware and other cybersecurity incidents.
“To be successful, each organization needs to develop its own plan and playbooks in advance,” said Souppaya. “Then they should run the plays with tabletop exercises, work within their team to understand its level of preparation and repeat.”
The NIST Guide for Cybersecurity Event Recovery can be found here.