Professional Documents
Culture Documents
Cyber Response Builder
Cyber Response Builder
Cyber Response
Builder
Your Guide to Implementing a Successful
Cyber Response Strategy
So, why does your organization need this additional layer of resilience,
especially if you already have an effective cybersecurity program?
Build Create
Create Take
Level Set Response Competencies
Focus Inventory
Strategy + Confidence
01 02 03 04 05
The types of data being stored and where (PHI, PII, PCI)
Important Business Services and Critical Asset Check out the Appendix for a detailed view of inputs to the
Identification (including impacts to identify gaps) key elements listed above.
Let’s level set on the current state of your organization’s cyber response capability.
Can you confidently and honestly respond “Yes!” to the following statements:
I have defined which players are required to be on the field and when, spanning Crisis/Incident Management,
1. YES NO
Security, Data Protection, Business Continuity, IT Disaster Recovery, and Cyber Response teams.
I have defined, documented, and assigned clear roles and responsibilities with trained, competent people
2. YES NO
(across both leadership and technical resources).
4. I have defined, documented, and tested internal and external notification strategies and capabilities. YES NO
6. I have defined, documented, and tested cyber insurance and law enforcement engagement approaches. YES NO
7. I have defined, documented, and tested processes to capture and retain evidence. YES NO
8. I have defined, documented, and tested processes to assess and contain the breach. YES NO
I have defined, documented, and tested processes to effectively recover business operations across the
9. YES NO
organization (even partially), including alternate processes and manual capabilities.
I have seen concrete results across all risk disciplines that prove we are ready to respond and recover, and I am
10. confident in reporting our position with supporting data to the Board showing we are fully capable of quickly YES NO
If you can’t confidently and honestly respond “Yes!” to the 10 questions above, book a meeting with our team today. We can help
you quickly identify the hidden vulnerabilities in your current cyber response capabilities and define a clear path to close the gaps.
BOOK A MEETING
Here is a detailed view of the key elements necessary for developing your cyber response strategy:
Important Business Services Identify critical business services (internal and external delivering services to
and Critical Asset Identification customers)
(including impacts to identify Identify threats and vulnerabilities
gaps) Access the impact of disruption (BIA)
Prioritize risks (plausible, severe, and extreme)