Measuring The Ability to Respond to The UnExpected

Paul Davis

As everyone is discovering, no single solution or security model that can defend against all attacks. The attackers are still getting in. How do you know how well you’re doing in terms of maturity? This presentation applies a model based on a white paper titled “The Role of Community Resilience in Advancing Security”, written by Stephen E. Flynn and Peter Boynton from Kostas Research Institute for Homeland Security at Northeastern University.  This presentation maps their framework for measuring Resilience to IT Security, and has been used to measure and ensure the effectiveness of physical crisis response, to the world of cyber security operations. It will show how to measure the maturity of an organization’s ability to respond to the ‘Unexpected’, and how to determine the weak points and important assets that need to be protected. This presentation is targeted to those practitioners who are involved in developing and improving overall security program response for large enterprises, government and global organizations. This presentation will also provide a high-level framework of how to measure your effectiveness in incident and crisis response. It can be molded to the individual needs of the security organization so that they can be better prepared. It is presented with the support of the George J. Kostas Institute for Homeland Security, who are focused on advancing the development of societal resilience in the face of 21st Century risks.