Book description
Successfully lead your company through the worst crises with this first-hand look at emergency leadership
Cyber security failures made for splashy headlines in recent years, giving us some of the most spectacular stories of the year. From the Solar Winds hack to the Colonial Pipeline ransomware event, these incidents highlighted the centrality of competent crisis leadership.
Cyber Mayday and the Day After offers readers a roadmap to leading organizations through dramatic emergencies by mining the wisdom of C-level executives from around the globe. It’s loaded with interviews with managers and leaders who've been through the crucible and survived to tell the tale.
From former FBI agents to Chief Information Security Officers, these leaders led their companies and agencies through the worst of times and share their hands-on wisdom. In this book, you’ll find out:
- What leaders wish they'd known before an emergency and how they've created a crisis game plan for future situations
- How executive-level media responses can maintain – or shatter – consumer and public trust in your firm
- How to use communication, coordination, teamwork, and partnerships with vendors and law enforcement to implement your crisis response
Cyber Mayday and the Day After is a must-read experience that offers managers, executives, and other current or aspiring leaders a first-hand look at how to lead others through rapidly evolving crises.
Table of contents
- Cover
- Praise for Cyber Mayday and the Day After
- Title Page
- Copyright
- Introduction: Setting the Global Stage for Cyber Resilienceintroduction
-
PART I: A Leader's Guide to Preparing for the Inevitable
-
CHAPTER 1: If I Had a Time Machine
- STARTING WITH THE UNKNOWNS – OR NOT?
- AN ISOLATED PERSPECTIVE HAS MANY LIMITS
- LEARNING FROM OUR PAST TO LEAD OUR FUTURE
- FREQUENT RANSOMWARE ATTACKS PROMPT RESPONSE CAPABILITY ENHANCEMENTS IN NEW YORK STATE
- LIKE A BAD PENNY
- EDUCATION SECTOR TARGETED BY CYBERCRIMINALS
- THE BATTLE CONTINUES
- FIVE TAKEAWAYS
- NOTES
-
CHAPTER 2: Fail to Plan or Plan to Fail: Cyber Disruption Response Plans and Cyber Insurance
- THE MAKING OF THE MICHIGAN CYBER INITIATIVE
- CONFRONTING CYBER EMERGENCIES: THE MICHIGAN CYBER DISRUPTION RESPONSE PLAN
- U.S. FEDERAL GOVERNMENT GUIDANCE ON SECURITY INCIDENT HANDLING
- POSITIVE SECURITY AND RISK MANAGEMENT FOR INTERNATIONAL ORGANIZATIONS
- CHANGES IN THE PLANNING APPROACH POST-INCIDENT
- THE WISCONSIN GOVERNMENT APPROACH TO CYBERSECURITY INCIDENT RESPONSE
- A PRIVATE SECTOR PERSPECTIVE ON COMPUTER SECURITY INCIDENT RESPONSE
- INCIDENT RESPONSE AND CYBER INSURANCE
- NOTES
-
CHAPTER 3: Practice Makes Perfect: Exercises, Cyber Ranges, and BCPs
- THE IMPORTANCE OF CYBER EXERCISES
- HISTORY OF CYBER STORM EXERCISES
- MICHIGAN PARTICIPATION IN CYBER STORM I
- CYBER SCENARIOS, EXERCISE PLANS, AND PLAYBOOKS
- HELP AVAILABLE, FROM A CYBER RANGE NEAR YOU
- INTERNAL BUSINESS CONTINUITY PLANNING (BCP) PLAYERS
- DESIGNING YOUR BCP IN ACCORDANCE WITH YOUR COMPANY'S MISSION
- WHERE NEXT WITH YOUR BCP?
- HOW OFTEN SHOULD WE BE RUNNING OUR BCPs?
- AUTOMATED RESPONSES TO INCIDENTS
- NOTES
-
CHAPTER 4: What a Leader Needs to Do at the Top
- BUILDING RELATIONSHIPS WITH YOUR BUSINESS LEADERS
- SPEAK THEIR LANGUAGE
- LAYING THE GROUNDWORK
- SECURITY VARIANCE
- THE FUNDAMENTALS AND TOP MITIGATION STRATEGIES
- SECURITY NEEDS TO HAVE A BUSINESS PURPOSE
- FIGHTING THE INNATE NATURE OF A CISO
- HOW SHOULD A SENIOR EXECUTIVE APPROACH CYBER ISSUES?
- WHAT CAN THE BOARD CHANGE?
- STORY-BASED LEADERSHIP
- SETTING A SUPPORTIVE CULTURE LEADS TO CREATIVE SOLUTIONS
- NOTES
-
CHAPTER 1: If I Had a Time Machine
-
PART II: Cyber Mayday: When the Alarm Goes Off
- CHAPTER 5: Where Were You When the Sirens Went Off?
-
CHAPTER 6: Where Do We Go When the Power Goes Off?
- ASSESSING THE SITUATION
- ESTABLISHING ORDER
- CYBER TEAMWORK DURING A BLACKOUT
- STEPPING BACK TO STEP FORWARD
- PEOPLE, PROCESS, AND TECHNOLOGY IN CYBER EMERGENCIES
- CISO MINDSET REGARDING SECURITY INCIDENTS
- DEFINING SECURITY OPERATIONS?
- MEASURING RESULTS: KEY PERFORMANCE INDICATORS
- INFORMATION SHARING
- STRENGTHENING PLAYBOOKS
- MULTI-STATE SECURITY OPERATIONS5
- NOTES
- CHAPTER 7: Teamwork in the Midst of the Fire
-
CHAPTER 8: What Went Right?
- SWIFTNESS MATTERS
- PROACTIVE LEADERSHIP AND TRANSPARENCY AS KEY FACTORS
- AVIATION INDUSTRY LESSONS FROM A CRISIS COMMUNICATIONS RESEARCHER
- COMMUNICATING CYBER CRISIS WITH CONSOLE
- MEET THE WORLD'S FIRST CISO
- THE BASIC KEYS OF DISASTER RESPONSE
- THE PROBLEM WITH MISINFORMATION
- THE STOCKWELL TUBE INCIDENT
- NOTES
-
PART III: The Day After: Recovering from Cyber Emergencies
- CHAPTER 9: The Road to Recovery
- CHAPTER 10: What Went Wrong – How Did We Miss It?
-
CHAPTER 11: Turning Cyber Incident Lemons into Organizational Lemonade
- ARE WE LEARNING FROM THESE TRUE STORIES?
- CALLS FOR MORE RESILIENCE AND DOING MUCH BETTER
- MORE LESSONS LEARNED
- BACK TO THE BEGINNING: A CIRCULAR APPROACH TO INCIDENT RESPONSE DURING CYBER EMERGENCIES
- A HELPFUL HOSPITAL EXAMPLE
- MAKING LEMONADE
- FIVE LESSONS FROM THE HOSPITAL ATTACK
- FIVE LESSONS FROM DIVERSE INFORMATION SHARING AND ANALYSIS CENTERS (ISACs)
- BRINGING IT ALL TOGETHER
- THE ECOSYSTEM VIEW
- LEADING BY EXAMPLE
- NOTES
-
Free Cyber Incident Resources
- CYBER INCIDENT RESPONSE PLANNING AND PLANS
- STANDARDS, FRAMEWORKS, AND POLICIES
- EXERCISE TEMPLATES
- CYBER STRATEGY DOCUMENTS
- INCIDENT RESPONSE PLAYBOOKS
- CERT RESOURCES
- CYBER INSURANCE GUIDANCE
- LESSONS LEARNED DOCUMENTS
- TRAINING OPPORTUNITIES, INCLUDING CYBER RANGES
- LAWS AND REPORTING ON DATA BREACHES AND PROTECTING DATA
- CRISIS COMMUNICATIONS
- Acknowledgments
- About the Authors
- Index
- End User License Agreement
Product information
- Title: Cyber Mayday and the Day After
- Author(s):
- Release date: November 2021
- Publisher(s): Wiley
- ISBN: 9781119835301
You might also like
book
Wiley Handbook of Science and Technology for Homeland Security, 4 Volume Set
The Wiley Handbook of Science and Technology for Homeland Security is an essential and timely collection …
book
Rogues of Wall Street
Reduce or prevent risk failure losses with new and emerging technologies Rogues of Wall Street analyzes …
book
Advanced Persistent Threat
The newest threat to security has been categorized as the Advanced Persistent Threat or APT. The …
book
Building a Cyber Resilient Business
Learn how to build a proactive cybersecurity culture together with the rest of your C-suite to …
