Hagerty Consulting’s Cyber Nexus Approach to Cybersecurity
Recent cyber incidents such as the global outbreak of Ransomware called WannaCry, another strain called Petya, breaches of voter data with the potential to impact millions, and attacks on political communications systems in Scotland and Westminster are frightening reminders of our collective need for cybersecurity. Malicious attempts to disrupt networks and systems continue to grow in frequency, scale, and sophistication while protective measures and preparedness perpetually remain one step behind. Now more than ever, cybersecurity is paramount for personal, organizational, and national security.
To address this vulnerability, Hagerty developed a programmatic approach to cyber incident management that conforms with best practices from the National Institute of Standards and Technology, the Department of Homeland Security, and the National Governor’s Association. The approach will be presented using the last month’s theme to underscore the ways in which Hagerty Consulting is prepared to support your organization’s programmatic approach to cybersecurity.
Hagerty Consulting’s Cyber Nexus Approach (CNA): The double helix structure represents stakeholder collaboration across phases of an incident and leverages their combined technical expertise
CNA is a framework for public and private sector organizations and companies responsible for building a cybersecurity program that empowers its users by:
- Linking and leveraging skillsets within and between cybersecurity partners to bridge knowledge gaps;
- Building confidence in cybersecurity awareness by providing a framework for planning, training, exercising, and responding to cyber incidents;
- Facilitating information-sharing and collaboration across areas of expertise while enabling each person or group to perform the tasks he or she does best.
CNA creates a structure for acknowledging different specialties, such as management and technical support, or emergency managers information technology, and unifying their efforts through a collaborative and task-oriented framework.
CNA enables an organization or jurisdiction to incrementally build toward national best practice by applying a revisionist approach to cybersecurity. To oversee the revisions and improvements to your jurisdiction or organization’s cybersecurity program, Hagerty recommends creating a Cyber Disruption Team (CDT). Composed of experts from relevant technical and strategic entities within your institution, CDT may be assigned responsibility for:
- Facilitating operational coordination before, during, and after a cyber incident.
- Conducting cyber risk management, cyber incident, and disruption response planning.
- Facilitating cyber-related training and exercise.
Together, these actions will contribute to an effective and robust cybersecurity program.
CNA effectively translates preparedness initiatives to response by assigning responsibility for implementing plans, policies, and procedures when a cyber disruption occurs. One of the main functions of the CDT within the CNA framework is to support the establishment of a common operating picture. To accomplish this, CDT will convene before, during, and after an incident to:
- Facilitate cross-functional communication and coordination.
- Provide direction and assignments to relevant personnel.
- Create a venue for reporting progress on assigned tasks.
After each meeting with the CDT, personnel will perform function-specific tasks in support of functional and strategic missions. By convening at critical junctures before, during, and after an incident to determine function-specific tasks, CDT essentially becomes the driver of cybersecurity program management.
By incorporating new stakeholders into what are conventionally considered information technology activities and exposing emergency managers to a novel approach to cybersecurity program management, CNA dissolves boundaries of individual roles to expand the responsibility of cyber preparedness across disciplines within an organization or jurisdiction. To accomplish this blurring of boundaries, Hagerty recommends including management, strategic, and technical experts in CDT membership. Some examples may include CEOs, elected officials, emergency managers, information technology personnel, or other key decision-makers from the public and private sectors. By expanding the roles involved in cybersecurity, CNA empowers the whole community to play a role in supporting cybersecurity.
Learn more about how CNA can help your organization or jurisdiction by downloading a free assessment tool. To determine your organization’s cybersecurity needs, visit https://www.cyberthreatready.com.