Read the book Cyber Mayday and the Day After - Daniel Lohrmann - Page 2
Table of Contents
1 Cover
2 Praise for Cyber Mayday and the Day After
5 Introduction: Setting the Global Stage for Cyber Resilience
A NEW SENSE OF CYBER URGENCY A PEEK BEHIND THE CURTAINS, AND THE MAKING OF CYBER MAYDAY AND THE DAY AFTER THE THREE-PART BREAKDOWN NOTES
6 PART I: A Leader's Guide to Preparing for the Inevitable
CHAPTER 1: If I Had a Time Machine
STARTING WITH THE UNKNOWNS – OR NOT? AN ISOLATED PERSPECTIVE HAS MANY LIMITS LEARNING FROM OUR PAST TO LEAD OUR FUTURE FREQUENT RANSOMWARE ATTACKS PROMPT RESPONSE CAPABILITY ENHANCEMENTS IN NEW YORK STATE LIKE A BAD PENNY EDUCATION SECTOR TARGETED BY CYBERCRIMINALS THE BATTLE CONTINUES FIVE TAKEAWAYS NOTES
CHAPTER 2: Fail to Plan or Plan to Fail: Cyber Disruption Response Plans and Cyber Insurance
THE MAKING OF THE MICHIGAN CYBER INITIATIVE CONFRONTING CYBER EMERGENCIES: THE MICHIGAN CYBER DISRUPTION RESPONSE PLAN U.S. FEDERAL GOVERNMENT GUIDANCE ON SECURITY INCIDENT HANDLING POSITIVE SECURITY AND RISK MANAGEMENT FOR INTERNATIONAL ORGANIZATIONS CHANGES IN THE PLANNING APPROACH POST-INCIDENT THE WISCONSIN GOVERNMENT APPROACH TO CYBERSECURITY INCIDENT RESPONSE A PRIVATE SECTOR PERSPECTIVE ON COMPUTER SECURITY INCIDENT RESPONSE INCIDENT RESPONSE AND CYBER INSURANCE NOTES
CHAPTER 3: Practice Makes Perfect: Exercises, Cyber Ranges, and BCPs
THE IMPORTANCE OF CYBER EXERCISES HISTORY OF CYBER STORM EXERCISES MICHIGAN PARTICIPATION IN CYBER STORM I CYBER SCENARIOS, EXERCISE PLANS, AND PLAYBOOKS HELP AVAILABLE, FROM A CYBER RANGE NEAR YOU INTERNAL BUSINESS CONTINUITY PLANNING (BCP) PLAYERS DESIGNING YOUR BCP IN ACCORDANCE WITH YOUR COMPANY'S MISSION WHERE NEXT WITH YOUR BCP? HOW OFTEN SHOULD WE BE RUNNING OUR BCPs? AUTOMATED RESPONSES TO INCIDENTS NOTES
CHAPTER 4: What a Leader Needs to Do at the Top
BUILDING RELATIONSHIPS WITH YOUR BUSINESS LEADERS SPEAK THEIR LANGUAGE LAYING THE GROUNDWORK SECURITY VARIANCE THE FUNDAMENTALS AND TOP MITIGATION STRATEGIES SECURITY NEEDS TO HAVE A BUSINESS PURPOSE FIGHTING THE INNATE NATURE OF A CISO HOW SHOULD A SENIOR EXECUTIVE APPROACH CYBER ISSUES? WHAT CAN THE BOARD CHANGE? STORY-BASED LEADERSHIP SETTING A SUPPORTIVE CULTURE LEADS TO CREATIVE SOLUTIONS NOTES
7 PART II: Cyber Mayday: When the Alarm Goes Off
CHAPTER 5: Where Were You When the Sirens Went Off?
THE STORY OF TOLL FINE-TUNE YOUR BCP CYBER CRISIS IN PANDEMIC TIMES MICROSCOPIC LESSONS – DAY ONE OF THE INCIDENT THE RECOVERY IMPROVEMENT WITH HINDSIGHT THIRD-PARTY RISKS AND CYBER INSURANCE EFFECTIVE LEADERSHIP IN TIMES OF CRISIS A SUPPORTIVE MANAGEMENT HELPS BRING RESULTS NOTES
CHAPTER 6: Where Do We Go When the Power Goes Off?
ASSESSING THE SITUATION ESTABLISHING ORDER CYBER TEAMWORK DURING A BLACKOUT STEPPING BACK TO STEP FORWARD PEOPLE, PROCESS, AND TECHNOLOGY IN CYBER EMERGENCIES CISO MINDSET REGARDING SECURITY INCIDENTS DEFINING SECURITY OPERATIONS? MEASURING RESULTS: KEY PERFORMANCE INDICATORS INFORMATION SHARING STRENGTHENING PLAYBOOKS MULTI-STATE SECURITY OPERATIONS NOTES
CHAPTER 7: Teamwork in the Midst of the Fire
A BIG STEP BACK – AND ANALYZING WHAT WENT RIGHT AND WRONG WITH THE JCTF PROCESSES A PRIVATE SECTOR INCIDENT WITH A (SOMEWHAT) HAPPY ENDING GREAT LEADERS FOSTER TEAMWORK – BUT HOW? SEVEN TIPS TO IMPROVE TEAMWORK NOTES
CHAPTER 8: What Went Right?
SWIFTNESS MATTERS PROACTIVE LEADERSHIP AND TRANSPARENCY AS KEY FACTORS AVIATION INDUSTRY LESSONS FROM A CRISIS COMMUNICATIONS RESEARCHER COMMUNICATING CYBER CRISIS WITH CONSOLE MEET THE WORLD'S FIRST CISO THE BASIC KEYS OF DISASTER RESPONSE THE PROBLEM WITH MISINFORMATION THE STOCKWELL TUBE INCIDENT NOTES
8 PART III: The Day After: Recovering from Cyber Emergencies
CHAPTER 9: The Road to Recovery
CYBER MINDSETS FROM A WAR ZONE HINDRANCES TO AVOID ASYMMETRIC HYBRID WARFARE (AHW) THE ROAD TO NO RECOVERY THE FIRST STEP IN COMMUNICATION THE FOUR STEPS OF A CRISIS-READY FORMULA KEY ACTIONS FOR RECOVERY NOTES
CHAPTER 10: What Went Wrong – How Did We Miss It?
MISTAKES AND SOLUTIONS IN WISCONSIN HOSPITAL RANSOMWARE – AND LEARNING FROM MISTAKES HOW OVERCONFIDENCE CAN IMPACT ORGANIZATIONAL SECURITY AND CAUSE DATA BREACHES REFLECTING ON INCIDENTS WITH A MENTOR NOTES
CHAPTER 11: Turning Cyber Incident Lemons into Organizational Lemonade
ARE WE LEARNING FROM THESE TRUE STORIES? CALLS FOR MORE RESILIENCE AND DOING MUCH BETTER MORE LESSONS LEARNED BACK TO THE BEGINNING: A CIRCULAR APPROACH TO INCIDENT RESPONSE DURING CYBER EMERGENCIES A HELPFUL HOSPITAL EXAMPLE MAKING LEMONADE FIVE LESSONS FROM THE HOSPITAL ATTACK FIVE LESSONS FROM DIVERSE INFORMATION SHARING AND ANALYSIS CENTERS (ISACs) BRINGING IT ALL TOGETHER THE ECOSYSTEM VIEW LEADING BY EXAMPLE NOTES
9 Free Cyber Incident Resources
CYBER INCIDENT RESPONSE PLANNING AND PLANS STANDARDS, FRAMEWORKS, AND POLICIES EXERCISE TEMPLATES CYBER STRATEGY DOCUMENTS INCIDENT RESPONSE PLAYBOOKS CERT RESOURCES CYBER INSURANCE GUIDANCE LESSONS LEARNED DOCUMENTS TRAINING OPPORTUNITIES, INCLUDING CYBER RANGES LAWS AND REPORTING ON DATA BREACHES AND PROTECTING DATA CRISIS COMMUNICATIONS
12 Index
List of Illustrations
1 Chapter 2: FIGURE 2.1 Five Core Functions of NIST Cybersecurity Framework
2 Chapter 8: FIGURE 8.1 5x5x5 National Intelligence Model
3 Chapter 11: FIGURE 11.1