The number of cyber events continues to increase sharply. This is leading to widespread recognition that some cyber events cannot be stopped. Organizations are improving their prevention capabilities with modern technology and tools while augmenting cyber event detection and response capabilities. Previous segments have dissected portions of the National Institute of Standards and Technology (NIST) cybersecurity framework related to:
- Identify assets to protect
- Protect assets
- Detect threats
The next concept to visit is the respond function. Respond represents the need to develop/implement appropriate activities to take action regarding a detected cybersecurity event. In the past, organizations focused information security efforts on cyber event protection. However, adversaries have modified attack techniques to make protection much more difficult.
Respond and recovery brings together numerous processes and activities, such as business continuity and disaster recovery planning and plan execution. The respond function supports the ability to contain the impact of a potential cybersecurity event. This segment delves deeply into concepts that must be well understood and planned in order to ensure the respond function is effective.
Training for all programs related to cyber security by this trainer are utilizing the framework of the National Institute of Standards and Technology (NIST) as a model. This information is freely available in the public domain. For more detailed information on the framework please refer to NIST.org.
Prerequisites
No Advanced Preparation or Prerequisites are needed for this course. However, it is recommended to take the other courses in the series prior to completing this one.
Learning Objective
- Explore the requirements of the respond function in a cyber risk assessment.
- Identify critical concepts of response planning.
- Identify important components of communication in the response phase.
- Identify how to properly “analyze” for the response phase.
- Explore steps to instill improvements as part of the response phase.
- Explore the importance of mitigation of identified incidents as part of the response phase.
Last updated/reviewed: July 17, 2025
(0) Reviews
(75 rating)Lesson Questions and Answers0 Questions
INTRODUCTION AND OVERVIEW
- Introduction to Cyber Risk Assessment – Respond to Incidents 7:57
- Respond 10:52
- Mobilizing Response 9:03
- Response Planning 12:35
- Communications 7:50
- Analysis 9:32
- Mitigation 3:14
- Improvements 7:33
- Enterprise Response Tool 5:09
- Summary 3:39
CONTINUOUS PLAY
SUPPORTING MATERIALS
- Slides: Cyber Risk Assessment – Respond to Incidents PDF
- Cyber Risk Assessment – Respond to Incidents Glossary/Index PDF
REVIEW AND TEST
- REVIEW QUESTIONS quiz
- FINAL EXAM exam
Ask the instructor a question about this lesson