Cyber crisis and training: doctrine

From Wiki Campus Cyber
This page is a translated version of the page Crise cyber et entrainement : doctrine and the translation is 100% complete.

Doctrine and method for cyber resilience and cyber crisis management.

Category: Working Group Cycle: 3 Status: Ongoing




Description

The aim of this workstream is to create operational and pragmatic doctrinal and methodological elements relating to cyber crisis management and, in particular, to clarify and operationalise the concept of cyber resilience. To this end, the deliverables will include the development of several operational crisis management kits (reflex sheets, method, kit, etc.) which will contribute - in line with existing documentation - to the emergence of a common vocabulary (glossary), the identification and description of operational crisis management and cyber resilience capabilities to deal with issues such as the Cloud or the supply chain, and the assessment of the level of maturity of entities (maturity index). Particular attention should also be paid to smaller organisations, and content should be made available to help higher education institutions develop their skills in these areas.

Deliverables

  • Reflex cards:
    • Definition of cyber resilience concepts and methodology
    • Fact sheet on supply chain issues
    • Reflex sheet on cloud issues
    • Fact sheet on communication and information sharing
    • Threshold and alert chain reflex sheet
    • Fact sheet on the role of CTI and Anticipation
    • Reflex sheet for the different functions within the crisis unit
  • Guide and kit for SMEs
  • Standard training for higher education institutions
  • Cyber BCP and DRP construction kit

Logbook

Follow the progress of the working group through the logbook maintained in the CI Crise cyber et entraînement community of interest.

Leaded by the community of interest

CI Crise cyber et entraînement

Communs

  
Practical guide: Cloud technology issues during cyber crisesCloud technologies are increasingly present in organizations' information systems (IS). Many teams are deciding to migrate to third-party providers to host or run their digital services, with a view to accelerating digital transformations.
Practical guide: Preventing cyber risks in the supply chainCybersecurity in the supply chain, where sector-specific issues highlight the importance of distinguishing between operating an information system and providing a service, highlights the key role of subcontractors, the need for mutual trust and high security standards. Cybersecurity in the supply chain, where sector-specific issues highlight the importance of distinguishing between operating an Information System and providing a service, underscores the key role of subcontractors, the need for mutual trust and high security standards.
Practical info: Roles and functions in a cyber crisisManaging a crisis of cyber origin involves mobilization at several levels of the organization: strategic or decision-making, and operational and/or tactical. To facilitate ownership and implementation of the crisis management system, It is essential to structure everyone's roles and missions, and to anticipate how they will be carried out over the long term.