ABSTRACT
Chapter 8 – Checklists and Templates to help create an enterprise-wide Cybersecurity and Cyber Resiliency Strategy provides checklists, templates, process diagrams, data flow diagrams, sample security and regulatory architectures, and RACI spreadsheets with tasks and roles to help create the specific strategy details that apply to your organization. Many of these items will be downloadable on the CRC Press website after the purchase of the book. In some cases, the diagram or spreadsheet is not fully completed. The objective is to give the reader the opportunity to complete the diagram for his/her organization.
The diagrams for this chapter are:
Figure 8.1 The 6 Development and Maintenance Steps for a Cybersecurity and Cyber Resiliency Strategy
Figure 8.2 Mission/Vision, Principles, Strategic Objectives, and Initiatives Pyramid
Figure 8.3 Attributes of Corporate Cultures
Figure 8.4 Blank RACI for STEP 1
Figure 8.5 Organizational Readiness for a Cyber Strategy
Figure 8.6 Blank STEP 2 Project Charter
Figure 8.7 RACI for STEP 2: Strategy Project Management
Figures 8.8 a–e RACI Strategy Project Full
Figure 8.9 Sample Data Flow Diagram for STEP 2
Figure 8.10 Blank RACI for STEP 3
Figure 8.11 Blank RACI for STEP 4
Figure 8.12 Sample Data Flow Diagram for STEPs 3 and 4
Figure 8.13 Incidents to Controls Mapping
Figure 8.14 Blank RACI for STEP 5
Figure 8.15 Partial Data Flow Diagram for STEP 5
Figure 8.16 Partial Cyber Risk Assessment Example
Figure 8.17 Blank RACI for STEP 6
Figure 8.18 Partial Data Flow Diagram for STEP 6
Figure 8.19 Strategy Progress Report – Cyber Resiliency
Figure 8.20 Blank Initiative to CSF Mapping per Objective
Figure 8.21 Cybersecurity and Cyber Resiliency Yearly Report
Figure 8.22 Sample Governance Organization Hierarchy
Figure 8.23 Blank Governance Approval RACI
Figure 8.24 Blank Governance Approval Swimlane
The tables for this chapter are:
Table 8.1 Strategy Preplanning Checklist
Table 8.2 Sample Critical Success Factors Validation
Table 8.3 Sample Cybersecurity and Cyber Resiliency Strategy TOC Final Deliverable Outline
Table 8.4 NIST Adversarial Threat Ratings
Table 8.5 Checklist for End of Year (EoY) Tasks
Table 8.6 Critical Success Factors
Table 8.7 Sample Key Risk Indicators (KRI)
Table 8.8 Sample Cyber Key Performance Indicators (KPI)