// THREAT DETECTION AND DATA PRIVACY TERM

Crisis Management

Crisis management in cybersecurity involves an organization's coordinated efforts to handle and recover from severe, unexpected events, such as a major data breach or cyberattack, to minimize damage and restore normal operations. It focuses on strategic decision-making and communication during highly stressful situations.


TECHNICAL DEFINITION

Crisis Management is a strategic organizational function within Cybersecurity & Defense that encompasses the planning, execution, and coordination of an entity's response to critical, high-impact incidents (e.g., advanced persistent threats, data breaches, system outages) to mitigate operational disruption, protect critical assets, safeguard stakeholder trust, and ensure rapid recovery and business continuity. It integrates strategic communication, operational recovery, and legal compliance to address severe threats and reputational damage.

BACKGROUND

The Norwegian Directorate for Civil Protection (DSB) is a Norwegian government agency under the Minister of Justice and the Police. DSB's general purpose is to protect Norway and its citizens from accidents, disasters, and other incidents. Examples of areas of responsibility for DSB include prevention, crisis management, studies and analysis, civil/military cooperation, training, evaluation, and supervision. In addition, civil defense is subject to regulation by DSB, as is cybersecurity. DSB is also involved in international crisis coordination groups.


SYNONYMS & ALIASES

  • Emergency Response
  • Disaster Recovery
  • Incident Management
  • Business Continuity Planning
  • Risk Mitigation
  • Strategic Response
  • Crisis Planning

USAGE NOTE

While incident response focuses on the technical handling of a cyber event, crisis management provides the overarching strategic framework, communication, and decision-making for the organization's comprehensive reaction to significant security incidents.

DEVELOPERS

Organizations developing technology related to Crisis Management.

  • IBM Security

    Offers a broad portfolio of security products and services, including incident response, threat intelligence, and security operations platforms (like QRadar and Resilient), which are essential for managing cyber crises.

  • Everbridge

    A global software company that provides critical event management (CEM) solutions. Their platform helps organizations anticipate, mitigate, respond to, and recover from critical events, including cybersecurity incidents.

  • Palo Alto Networks

    A leading cybersecurity company providing a platform that includes firewalls, cloud security, and security operations (Cortex XSOAR) solutions to automate threat detection and response, crucial for managing cyber crises.

  • ServiceNow

    Offers a cloud-based platform that includes Security Operations (SecOps) and IT Service Management (ITSM) modules, enabling organizations to respond to and manage security incidents and crises efficiently.

  • Mandiant (Google Cloud)

    Known for its incident response expertise, threat intelligence, and security validation technology. Mandiant helps organizations prepare for, respond to, and recover from sophisticated cyber attacks, acting as a crucial partner in crisis management.

  • Splunk

    Provides a data platform for security information and event management (SIEM) and security orchestration, automation, and response (SOAR), empowering organizations to detect, investigate, and respond to cyber threats and manage incidents as they escalate into crises.

  • CrowdStrike

    Specializes in cloud-native endpoint protection, threat intelligence, and incident response services. Their Falcon platform provides real-time visibility and automated protection, critical for managing and containing cyber crises.
