Note: this blog is a mirror of my HP Labs Blog, on the same topic, accessible at:

Tuesday, September 8, 2009

On Enterprise Security Playbooks

I am interested in getting a few real-world examples of enterprise “Security Playbooks” and exploring them.

What is an enterprise Security Playbook? It is the “outcome” of an organisation’s scenario planning and security risk assessment exercises, describing what should be done in the presence of specific events and threats, for given contexts.

A security playbook can relate both to current and foreseeable situations where decisions must be taken by one or more “decision makers” and courses of action carried out by specific people.

Why are “security playbooks” important? They are strategic for organisations as they synthesize what has to be done in critical situations (and who has to carry out actions) when very little time is allowed for debates and reactions.

Interestingly enough, “playbooks” are available in many fields, related to traditional business risk management (in case of faults, natural disasters, etc.).

I am interested in learning more about enterprise playbooks that specifically focus on “IT security and cybercrime” aspects: I am wondering if any public template, example or guideline has ever been produced. I struggled to find anything really relevant …

I am also interested in better understanding what the implications are in the IAM space, which impact playbooks have on people, IAM processes and related IT operations …

Any input or links would be greatly appreciated.

--- Posted by Marco Casassa Mont (here and here) ---
