Читать книгу Cyber Intelligence-Driven Risk - Richard O. Moore III - Страница 8

 During a cyber incident is not the time to prepare your actions. Preparations are necessary; just as you prepare for financial loss, cyber incidents impact both operations and financial losses.

 Cybersecurity decisions with CI-DR “knowledge” become sophisticated business decisions.

 When cybersecurity leaders speak of business risks coupled with cyber intelligence analysis, any leader can make informed decisions.

 Any cyberattack can be thought of using deprived values and costs, which makes it an operational risk, which is ultimately a business risk. In this case, it was potential market risks, credit risks, and liquidity risks that could be lost due to operational loss. The organization wanted to keep our AA rating, and it didn't want to have customers leave to go to other institutions for banking, and it certainly did not want to take a substantial financial loss from either revenue, fines, or litigation.

A CI-DR program can have massive impacts and outcomes, as it is built with the purpose of delivering decisions to business leaders. Throughout this book, you will see the terms “information security” or “cybersecurity” used, and in CI-DR there are distinct differences, but for the purposes of this book these terms will be synonymous.