Guide for Cybersecurity Event Recovery: U.S. Gov (NIST)
The National Institute of Standards and technology (U.S. Department of Commerce) has released SP800-184, a new draft guide that provides tactical and strategic guidance regarding the planning, playbook developing, testing, and improvement of recovery planning in the event of a cyber security incident.
The guide reinforces that much of the planning and documentation for recovery needs to be in place before the event occurs. To effectively plan, the draft guide recommends a number of key steps: threat modelling; understanding the identities that exist in the agency’s environment; using access controls, and ensuring data integrity. Read the document to get a sense of how U.S. experts are trying to enhance information security for the commercial sector.
Please note: That all fields marked with an asterisk (*) are required.