National Information Systems Security Agency created a “crisis pilot” role motivated by the increasing complexity of cyberattacks. The agency’s mission is “to support the victim in their crisis management process until their activity is restored.”
Therefore, the growing complexity of Cyber attacks gives the crisis pilot its raison d’être. Faced with digital malice that is increasingly transversal and whose impact on the company is just as transversal, the response can only be transversal.
This transversality is the very basis of the added value of the crisis pilot. This person must ideally be in his place within the IT department during technical milestones, discussions with the team of digital investigators, or even with the CISO, whom he will be able to advise on deploying new cybersecurity solutions supporting incident response. But he must be just as comfortable in crisis communication or in dealing with the company’s management committee, with whom he must demonstrate pedagogy by presenting the situations, options, and risks in a transversal and transparent manner. Ultimately, its role is to provide leaders with the means to make informed decisions in a situation that is not.
To a base of solid technical knowledge (probably from a prior career in cybersecurity consulting), the crisis pilot must add organizational solid capacity and, above all, a series of “soft skills,” more difficult interpersonal and communication skills. To be formally evaluated. Among these, we find in particular the skills of listening, synthesis, and communication, as well as empathy, punctuality, attention to detail, the ability to resolve conflicts, organize chaos, carry out several tasks at the same time… and so many others for which no diploma exists!
Although difficult to assess, these characteristics are nevertheless essential, as the day of the crisis pilot will take place in contact with varied interlocutors with diverse expectations and heterogeneous levels of knowledge (technical, in particular). Worse: everyone will be keen to resolve problems within their own scope as quickly as possible, sometimes to the detriment of others and above all outside of any sequencing logic (certain activities must be operational before others). It is then the role of the pilot not only to propose the methods and the organization that will allow the objectives of crisis management to be achieved without going astray (in particular, the restarting of the activity in complete safety) but also to align everyone’s expectations and, sometimes, calm people’s enthusiasm.
When the crisis system is activated, the pilot will be responsible for monitoring the ramp-up of the system, from rigging the different cells to monitoring the first technical actions, including the compilation of the first managerial summaries. He is certainly not in charge of these different actions (the crisis management plan has identified each of those responsible beforehand). Still, he must ensure that they occur and alert if they differ. Thus, from the first moments of the crisis, the pilot is the guarantor of the system’s structure, whatever the situation on the ground. He makes all the difference between theory (the crisis management plan) and reality (dealing with absences, unavailability of essential technical solutions, inevitable errors, the effect of astonishment due to a significant impact, etc.)
Finally, his hierarchical positioning is essential: if a certain seniority is an asset, it is preferable that the pilot has the status of autonomous expert and is outside the hierarchy, where he could come up against conflicts of interest or experience unnecessary pressure. This is why the role is often entrusted to an external expert, a consultant either integrated into the third-party incident response system (the advantage of a fresh perspective), or a regular partner of the company (the advantage of already well-known the context of intervention).
Once the first hours have passed, the pilot will guarantee the battle rhythm (ensuring the correct sequence of crisis units) and, above all, will actively contribute to sharing information between the different actors. He will pay particular attention to the tricky connection between governance (decision-making unit) and technology (operational unit). He will also liaise with the investigation team, providing context and new elements on both sides.
Given his experience, agility, availability, and multifaceted skills (he is also likely to intervene in communication and advise on a network architecture), the crisis pilot is the essential anchor of decision-making in times of crisis.
Also Read : Cybersecurity Tips For Remote Work
Google Docs is an internet-based application that allows users to easily create, edit, and collaborate…
The battle for artificial intelligence is underway in cybersecurity. Between cyberattackers and defenders in organizations,…
Remember the prehistoric days of battling other fans over the last team slab of plastic…
The popularity of ebooks has grown exponentially over the past few years, with the online…
Poor management can become the beginning of the end of your business. To ensure business…
Although experts agree that no system is 100% secure and foolproof, for the good of…