Towards cyber incident response strategic planning

Abstract

With technological advancements and changing environmental conditions, organisations are continually faced with growing uncertainties. Being prepared to deal with uncertainties can help organisations establish good response mechanisms. Should these uncertainties materialise, organisations will be able to address the associated risks, states and outcomes more efficiently. Scenario planning is one such means of preparing for potential uncertainties. The use of descriptive brainstorming can help organisations plan for future situations. In this paper, three scenario planning processes are discussed. As adapted scenario planning design for cyber incident handling is then proposed. The proposed design takes into consideration the focal issues of identifying the critical role players, the communication channels, the response mechanisms and the required skills. This paper encapsulates a consolidated approach to carrying scenario planning for cyber incidents. This aims to provide a more co-ordinated effort that addresses the main responsive actions that should be carried out by stakeholders during major cyber incidents. Strategically planning cyber incident responses can improve decision making in an organisation. With the use of scenario planning for strategic preparation of cyber incidents, organisations can help shape better outcomes. With scenario planning, organisations can look to understanding the future which is often filled with uncertainty. The future is unpredictable, but strategic planning can help propose plausible futures and outcomes. This helps with risk mitigation, response tactics, and overall planning on how to deal with potential scenarios of cyberattacks. During the process of cyber incident responses, the implications of actions and decisions will need to be assessed. The critical role-players need to be identified, as well as various envisioning aspects of the desired futures. In this paper, a more structured design for scenario planning for cyber security incidents is provided in order to help guide the process. The paper covers a pertinent topic of cyber incident response handling which is one of the core themes of this conference. The paper aims to consolidate previous approaches of scenario planning and shows how it can be used for cyber incident handling. Overall, the design proposed can help deal with possible future cyber incidents, which are a particularly relevant topic in the field of cyber security.