
Source: Cybersecurity Dive
Summary
The US Cybersecurity and Infrastructure Security Agency (CISA) acknowledged that it missed a chance to prepare for a security incident by not creating a response plan in advance. CISA stated that having a plan would have helped mitigate the impact of the incident. The agency reported that it is taking steps to improve its incident response capabilities.
Our Reading
The announcement sounds ambitious.
CISA admitted to missing an opportunity to get ahead of a security incident. The agency said it should have created a response plan ahead of time. This sounds like a familiar script. CISA is taking steps to improve its incident response capabilities, because that’s what you do after something goes wrong. The incident response plan is a “new” feature that users already had – common sense.
Author: Evan Null








