Developing cyber resilience through cyber incident response capability improvement : Presenting the cyber incident response capability development life cycle model
Abstract
In the face of a deteriorating cyber threat landscape, it has never been more important for entities to prepare for a cyber incident. This paper presents the cyber incident response capability development life cycle, a cumulative and iterative approach to considering cyber threats from multiple dimensions to identify capability gaps and providing the opportunity for focused skill uplift. The life cycle addresses all aspects of cyber incidents and provides innovative approaches to accommodating the needs of all stakeholders across all roles in an entity, from simplified exercises to complex simulated events. Exercising incident response plans and the associated playbooks is a feature of all standards and frameworks, and consistently recommended through government and regulatory advice. This article is also included in The Business & Management Collection which can be accessed at https://hstalks.com/business/.
The full article is available to subscribers to the journal.
Author's Biography
Murray Goldschmidt is an expert at the intersection of education and incident response. He serves as the Executive Director for Cyber Capability, Education and Training at CyberCX Pty Ltd, the leading provider of professional cyber security and cloud services across Australia and New Zealand. With a workforce of over 1,400 professionals, CyberCX is a trusted partner to private and public sector organisations, helping entities to confidently manage cyber risk, respond to incidents and build resilience in an increasingly complex and challenging threat environment. Murray is a career security consultant, having previously co-owned and served as the Chief Operating Officer at Sense of Security Pty Ltd, a specialist cyber security advisory company, up to the point of acquisition by CyberCX Pty Ltd.
