to respond to the attacks and work through the recovery   at your entire process (Identify, Protect, Detect, Respond,
          plan. These approaches are incredibly helpful in testing   and Recover) to identify what went right, what went wrong,
          preparedness, identifying gaps, improving processes, and   and ways to improve your cybersecurity process.
          increasing organizational resilience.
                                                              No one can guarantee cybersecurity prevention efforts
          When a cybersecurity incident does happen, it’s important   will work 100% of the time. For this reason, response and
          to know that even well-prepared organizations can make   recovery planning is critical. Organizations who do this and
          mistakes during their recovery process. Because of this   follow the NIST guidelines highlighted in this article will be
          reality, the Recover function of the NIST Cybersecurity   better prepared to control the fallout of a cyberattack should
          Framework also includes an improvement phase, where   it occur—and will find the effort to be time well spent.
          you are advised to take lessons learned and incorporate
          them into improving the recovery process and plans. It          Kevin Smith is CTO of Tridium, providing
          also advises you to send improvement feedback into the          technology strategy and direction. The author of
          other four functions of the framework when appropriate.         seven technology books and numerous articles,
          For example, we’ve seen situations where organizations          he is a frequent speaker at industry conferences
          have recovered from an attack without addressing the            with a focus on the intersection of technology and
          root cause of the problem—only to have it happen again!   information security. For more than 25 years, Kevin has led
          Many times, incidents will identify weaknesses in current   technology organizations and endeavored to develop highly
          processes which must be addressed in an effective way.   secure, data-focused software solutions for a wide variety of
          After each incident, your organization should always look   customers, including both the U.S. government and the


          1  Smith, Kevin T., “Cybersecurity and the IoT–Threats, Best Practices and Lessons Learned,” www.tridium.com, 2019. https://www.tridium.
          com/~/media/tridium/library/documents/collateral/white papers/white paper cybersecurity and the iot threats best practices and lessons
          learnedjan 2019-1.ashx?la=en














       The Leading IoT Data and Analytics Platform for the Built Environment

                  SkySpark® Analytics automatically analyzes data from building automation, metering systems
                  and other smart devices to identify issues, faults and opportunities for savings. Learn why
                  SkySpark has been deployed to over 1 Billion square feet of facilities around the world for
                  energy management, optimization, monitoring-based commissioning and fault detection.


















                    Find What Matters™ to Improve Equipment Performance and Reduce Operational Costs.
            IBCON 2020


                Booth #507                                                                 www.skyfoundry.comww.skyfoundry.com  41
                                                                                           w