Home » Functions » Playbook (RC.PL) » RC.PL-2 Potential Impact

Description

Potential impact rating or scheme is used to understand the impact a cyber incident may cause, and based on the scheme, recovery options are outlined, which are followed during emergencies and recovery. There exist various classifications, such as the NCSC ^[23], NIST ^[25], and other schemes ^[26]. We do not advise on which scheme to follow; however, it is extremely important that the organisation follows a particular one.

Outcomes / Outputs

(Conduct / Fix / Ingest / List / Plan / Procure / Produce / Report / Review / Set / Test  / Train )

1. List of potential impacts and recovery options against each

Reference

23. NCSC (2018), “New Attack Categorisation System to Improve UK Response to Incidents”, 11 April 2018. Retrieved Nov. 2019. https://www.ncsc.gov.uk/news/new-cyber-attack-categorisation-system-improve-uk-response-incidents

25. NIST Special Publication 800-61 Revision 2 (2012), “Computer Security Incident Handling Guide”, Revision 2. August 2012
26. Cyril Onwubiko and Karim Ouazzane (2019), “SOTER: A Playbook for Cyber Security Incident Management”, IEEE Transaction on Engineering Management. 2019 (in press)