ABSTRACT

Chapter 8 – Checklists and Templates to help create an enterprise-wide Cybersecurity and Cyber Resiliency Strategy provides checklists, templates, process diagrams, data flow diagrams, sample security and regulatory architectures, as well as RACI spreadsheets with tasks and roles to help create the specific strategy details that apply to your organization. Many of these items will be downloadable on the CRC Press website after the purchase of the book. In some cases, the diagram or spreadsheet is not fully completed. The objective is to give the reader the opportunity to complete it for his/her organization.

The diagrams for this chapter are:

Figure 8.1 The 6 Development and Maintenance Steps for a Cybersecurity and Cyber Resiliency Strategy

Figure 8.2 Mission/Vision, Principles, Strategic Objectives, and Initiatives Pyramid

Figure 8.3 Attributes of Corporate Cultures

Figure 8.4 Blank RACI for STEP 1

Figure 8.5 Organizational Readiness for a Cyber Strategy

Figure 8.6 Blank STEP 2 Project Charter

Figure 8.7 RACI for STEP 2: Strategy Project Management

Figures 8.8 a–e RACI Strategy Project Full

Figure 8.9 Sample Data Flow Diagram for STEP 2

Figure 8.10 Blank RACI for STEP 3

Figure 8.11 Blank RACI for STEP 4

Figure 8.12 Sample Data Flow Diagram for STEPs 3 and 4

Figure 8.13 Incidents to Controls Mapping

Figure 8.14 Blank RACI for STEP 5

Figure 8.15 Partial Data Flow Diagram for STEP 5

Figure 8.16 Partial Cyber Risk Assessment Example

Figure 8.17 Blank RACI for STEP 6

Figure 8.18 Partial Data Flow Diagram for STEP 6

Figure 8.19 Strategy Progress Report – Cyber Resiliency

Figure 8.20 Blank Initiative to CSF Mapping per Objective

Figure 8.21 Cybersecurity and Cyber Resiliency Yearly Report

Figure 8.22 Sample Governance Organization Hierarchy

Figure 8.23 Blank Governance Approval RACI

Figure 8.24 Blank Governance Approval Swimlane

The tables for this chapter are:

Table 8.1 Strategy Preplanning Checklist

Table 8.2 Sample Critical Success Factors Validation

Table 8.3 Sample Cybersecurity and Cyber Resiliency Strategy TOC Final Deliverable Outline

Table 8.4 NIST Adversarial Threat Ratings

Table 8.5 Checklist for End of Year (EoY) Tasks

Table 8.6 Critical Success Factors

Table 8.7 Sample Key Risk Indicators (KRI)

Table 8.8 Sample Cyber Key Performance Indicators (KPI)