Skip to main content

Cyber crisis management

Readiness, response and recovery

Avoiding a cyber crisis can come down to properly managing a cyber incident before, during and after it unfolds. Multiple functions and skill sets must be highly co-ordinated to contain and manage crisis incidents.

Cyber incident response alone is not enough

Effective crisis preparation goes beyond cyber incident response to address the entire crisis management life cycle of readiness, response and recovery. Readiness involves not only 24/7 monitoring but also preparing team members to deal with an incident or crisis. Vigorous, co-ordinated responses to incidents limit damage and losses. Post-event recovery focuses on returning to normal operations, assessing the causes and disseminating lessons learnt.

Overall, the goal of cybersecurity—the main deterrent to cyber incidents— is to develop a secure, vigilant and resilient organisation.

Are you ready?

Most organisations lack the resources to develop and maintain all necessary incident and crisis response capabilities in-house. The expertise required, the evolving risk landscape and the resources of cybercriminals render it impractical for most organisations to go it alone. An outsourced or co-sourced approach with a provider of managed cybersecurity and response services may be the best option for most organisations.

Did you find this useful?

Thanks for your feedback

If you would like to help improve Deloitte.com further, please complete a 3-minute survey