„The goal of CEM is to rethink what already exists and thus strengthen the resilience of the organization.“
The implementation of separated organizational and technical security measures can no longer effectively combat today’s complex cyber- attacks.
These measures are often divided into different areas and responsibilities.
One area takes care of information security, another of IT emergency management, another of crisis management and business continuity, another of technical security measures and everyone sees only their own area of responsibility and defines their own goals independently of each other and independent from the business goals.
This means that the comprehensive and close cooperation between the technical and organizational departments involved and external service providers and their central control, which is necessary to effectively combat a cyber- attack, is not possible.
This results in significant deficiencies in the cyber security architecture of companies, which can lead to considerable damage and do not adequately implement the new compliance requirements, such as DORA, NIS2 or TISAX VDA-ISA 6.
The challenges in the cyber security environment require a general rethinking away from classic solution approaches.
Focused on cyber threats, modern through the application of current standards and best practice, modular through defined products and processes and effective through structured and modern processes, this is defined by CYBER EMERGENCY MANAGEMENT.
CYBER EMERGENCY MANAGEMENT is a combination of security incident, incident response, emergency, and crisis management.
It is focuses on cyber threat situations, is modern by applying current standards and best practice and is modular through defined products and processes.
CYBER EMERGENCY MANAGEMENT leads to a functioning and effective cyber defense, implementing only necessary but effective defense measures and thereby reducing the organization’s costs for implementation as well as for possible damage.
KEY COMPONENTS OF CYBER MANAGEMENT
Identify the maturity level of processes and procedures required for implementation.
Identify critical assets, threats & vulnerabilities the resulting risks and measures.
Defines an effective crisis organization.
Establish a strong combination of crisis-, emergency and incident response process.
Defines strategies, plans, and measures to effectively manage and mitigate the impact of cyber incidents.
CYBER EMERGENCY MANAGEMENT encompasses a comprehensive approach:
– deal with cyber threats
– aiming to enhance an organization’s resilience
– ability to respond to and recover from cyber incidents
It involves a combination of preparedness, response, recovery, mitigation, and coordination efforts to address the dynamic and evolving nature of cyber threats.
CEM consists of components of the following standards and best practice:
ISO / IEC 27035, ISO / IEC 27037, NIST SP 800, MITRE ATT&CK, MITRE DEFEND, TRAM, FAST, CVE, CAPEC, NVD, GuardSight
The CYBER EMERGENCY MANAGEMENT process model allows implementation in any organization, regardless of the status quo.
It checks and evaluates existing processes and models them in his special process model.
It is also able to work with external security services, such as an external SoC or DFIR services, and actively integrate them into its processes.
The goal of CEM is to rethink what already exists and thus strengthen the resilience of the organization.