Operations and maintenance
You produced your part and it is now on the road. Congratulations – you can celebrate! Oh, but not so fast – your job of cyber defense has now transitioned to incident response. During the first three phases, as shown in Figure 5.7, we aimed to eliminate or reduce risks wherever possible. Where risks could not be reduced, a rationale was provided to either accept the risk or transfer it to other parties. Once in the operations and maintenance phase, our goal is to respond to emerging risks by following a process that identifies and addresses those risks effectively and promptly.
When the system is in its real environment, it is exposed to all the hypothetical threats that you considered during the concept and design phases. Now, attackers from all domains may be actively attempting to subvert your systems, and therefore planning to maintain cybersecurity during operational mode is a must. This can be achieved through two main methods:
...
