Summary
This chapter has addressed a major CISO role: putting systems in place to help an organization during and in the aftermath of a security incident. With security incidents on the rise, it is important for an organization to be prepared for security events and to lay down procedures for tackling incidents if and when they occur. These plans are laid out in two documents, referred to as the disaster recovery (DR) and business continuity (BC) plans. DR planning focuses on getting systems and servers back up and running after a security incident. BC planning, on the other hand, focuses on the business impact of a security incident: it strategizes on ensuring that the incident has minimal impact on the business and that the business can fully resume operations in its aftermath.
In the next chapter, we will tackle the concept of stakeholder onboarding, where various organizational stakeholders and their cybersecurity roles will be discussed.