A common challenge security teams face is ensuring their organization can continue to operate despite cyber attacks — in other words, to demonstrate their cyber resilience. Research from the Ponemon Institute acknowledges that the volume and severity of cyber attacks continues to rise, but suggests that organizations can improve their cyber resilience by a combination of process and technology improvements. The research said a key area of focus should be adoption of company-wide cybersecurity incident response playbooks to guide a business through its response to common attacks. In general, the need to accelerate and automate response playbooks has resulted in a growth in the adoption of security orchestration, automation and response (SOAR) tools.
A lack of interoperability and common playbook standards have slowed down the adoption of automated response, because incident response playbooks have had to be restricted to specific teams or technology implementations. However, this is an area that the technology industry has been working to address through the development of a new standard, led by the Organization for the Advancement of Structured Information (OASIS).
OASIS Collaborative Automated Course of Action Operations (CACAO)
The OASIS Collaborative Automated Course of Action Operations (CACAO) for cybersecurity standards can enable teams to quickly define and share playbooks. The idea of a playbook is to ensure that all members of both an organization’s security and business teams have clarity of responsibility and understand how to prevent, mitigate or respond to a security incident. Today there is no standardized way to document and share these playbooks across organizational boundaries and technology solutions. Since the la ..
Support the originator by clicking the read the rest link below.
: An Emerging Cybersecurity Standard to Quickly Define and Share Playbooks){kind=link}