Abstract
When does a cybersecurity incident become a crisis? Generally, when it has enterprisewide impact or when it requires activation of disaster recovery plans, it's a crisis. It's when a single compromised server becomes ten compromised servers, then a hundred, and pretty soon the entire data center is infected, damaged, or worse. Over the past several years, there have been several public instances of massive IT crises including Saudi Aramco in 2012 and Sony Pictures Entertainment in 2014. Smaller incidences occur every day, outside of the public eye. This chapter describes how things change when a crisis occurs and how enterprises behave under the duress of a crisis situation. The chapter also describes techniques for restoring IT during a crisis while simultaneously strengthening cybersecurity to protect against an active attacker who may hit your enterprise again at any moment.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
This poster was developed in Great Britain as part of the preparation for World War II, but was not widely distributed at the time. The British government kept it in storage for use in case of a devastating German attack. It was rediscovered in 2000 and has since become quite popular.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2015 Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, and Abdul Aslam
About this chapter
Cite this chapter
Donaldson, S.E., Siegel, S.G., Williams, C.K., Aslam, A. (2015). Managing a Cybersecurity Crisis. In: Enterprise Cybersecurity. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4302-6083-7_10
Download citation
DOI: https://doi.org/10.1007/978-1-4302-6083-7_10
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4302-6082-0
Online ISBN: 978-1-4302-6083-7
eBook Packages: Professional and Applied ComputingApress Access BooksProfessional and Applied Computing (R0)