Preventing cybersecurity disasters, large or small, is preferable to having to recover from them, for obvious reasons. However, experts at the National Institute of Standards and Technology (NIST) are concerned that overreliance on prevention is as bad as being underprepared. In the NIST special publication Guide for Cybersecurity Event Recovery (PDF), authors Michael Bartock, Jeffrey Cichonski, Karen Scarfone, Matthew Smith, Murugiah Souppaya, and Greg Witte explain why: "There has been widespread recognition that some cybersecurity events cannot be stopped and solely focusing on preventing cyber events from occurring is a flawed approach."
That attitude among NIST experts started gaining traction two years ago when the Federal Government's Office of Management and Budget published the agency's Cybersecurity Strategy and Implementation Plan (CSIP). The following quote, in particular, captured the attention of NIST personnel: "CSIP identified...(continued)