"/>

PAe - Published the report of good practices in crisis management of cybersecurity
the accesskey _ mod _ content

Published the report of good practices in crisis management of cybersecurity

18 November 2020

logo CCN CERT

El Centro Criptológico Nacional ha publicado un el informe en el que se recogen las mejores prácticas a la hora de gestionar una crisis cibernética.

The National PKIX centre (Opens in new window) (CCN) has published the Report BP/20 cibercrisis communication (Opens in new window) , which develops a decalogue best practices in managing a crisis cyber, based on the analysis of recent episodes and contemplating the importance of its previous planning.

El informe incluye un total de tres casos de estudio sobre crisis provocadas por ciberespionaje, ataques de ransomware e intento de sustracción de fondos, así como un cuarto anexo sobre niveles y criterios de evaluación y clasificación de cibercrisis.

El informe define una cibercrisis como un acontecimiento del ámbito de la ciberseguridad con gran impacto sobre la actividad de la organización y que requiere tomar decisiones rápidas con información limitada. La probabilidad de ese acontecimiento dependerá del grado de preparación previa de la organización:  it will be very small if you have taken a large number of preventive measures and progressively increased the smaller prevention work carried out beforehand.

The Guide of good practices in managing ciberincidentes (Opens in new window) is based on a detailed analysis of real episodes recent arising recommendations to address crisis in general, particularly in each case good praxis for the government of crisis arising from incidences of cybersecurity. This raises a decalogue thirteen good practices, which are considered key components of the model of success to address a crisis and that is organized into five Areas outlined above -liderazgo, preparation, response, communication and cierre- associated with the generic profile of a crisis.

  • Security