Entire section Custom print Link Text Only Rich Text Print
  Versions

 

RM-9.1.45

Licensees should establish metrics to measure the impact of a cyber incident and to report to management the performance of response activities. Examples include:

1. Metrics to measure impact of a cyber incident
(a) Duration of unavailability of critical functions and services
(b) Number of stolen records or affected accounts
(c) Volume of customers impacted
(d) Amount of lost revenue due to business downtime, including both existing and future business opportunities
(e) Percentage of service level agreements breached
2. Performance metrics for incident management
(a) Volume of incidents detected and responded via automation
(b) Dwell time (i.e. the duration a threat actor has undetected access until completely removed)
(c) Recovery Point objectives (RPO) and recovery time objectives (RTO) satisfied

 

Added: January 2022