Share This Article
Sign up to stay
The goal of recovery is to move from the immediate aftermath of a cyber incident to full restoration of normal systems and operations.
The final step of making your business more cybersecure includes the recovery efforts after responding to a cyber incident. Like the response step, recovery requires planning. Recovery is not just about fixing the causes and preventing the recurrence of a single incident. It’s about building out your cybersecurity posture across the whole organization (not just the IT person or group), including increasing the focus on planning for future events.
- Document lessons learned.
- Make improvements to policies & procedures and communicate that to all parties.
- Establish continuing education opportunities–train your employees and yourself.
- Take steps to repair reputation, which might require you to engage with a PR firm. Decide who is responsible for communicating with external stakeholders and what the message will be
National Institute for Standards and Technology
U.S. Department of Homeland Security