Cyber Risk Management: Introduction to the Preparedness Cycle

This is the first in a short series we’re writing for our friends at SurfWatch Labs on applying the Preparedness Cycle to Cyber Risk Management.

Bad things happen. Whether we’re dealing with our personal or professional business, life seems to always have a variety of bumps and obstacles that pop up in our path. We should anticipate that these disruptions will arise and prepare ourselves to move through them as successfully and efficiently as possible while minimizing the impacts the disruptions cause. In dealing with the wide spectrum of threats that can cause operational disruptions to our organizations – regardless of whether they are health or natural catastrophes, terrorists or cybercrime – a key part of successfully overcoming the impacts of incidents is taking the time to properly prepare. Preparedness can be defined as a continuous cycle of planning, organizing, training, equipping, exercising, evaluating, and taking corrective actions to support effective incident response… No organization is able to specifically address every threat and risk, nor to address them all as thoroughly as we’d like. By prioritizing our risks, and recognizing that you only have limited time and resources to work with, you can then find ways to “get the most bang for the buck” in determining how to approach preparedness activities.

To read the rest, continue to SurfWatch Labs: “Preparedness & Cyber Risk Reduction Part One: Introduction to the Preparedness Cycle” 

This series is being written by Andy Jabbour, Gate 15’s Co-Founder and Managing Director. Andy leads Gate 15’s risk management and critical infrastructure operations with focus on Information Sharing, Threat Analysis, Operational Support & Preparedness Activities (Planning, Training & Exercise). Andy has years of experience working with partners across the critical infrastructure and homeland security enterprise to support national security and client business needs.


Related Posts