Jeremy Pickett 3/4/25 Jeremy Pickett 3/4/25

RC.CO-3: Communications

Recovery activities are communicated to internal and external stakeholders as well as executive and management teams.

Jeremy Pickett 3/3/25 Jeremy Pickett 3/3/25

RC.CO-2: Communications

Reputation is repaired after an incident.

Jeremy Pickett 2/28/25 Jeremy Pickett 2/28/25

RC.CO-1: Communications

Public relations are managed.

Jeremy Pickett 2/26/25 Jeremy Pickett 2/26/25

RC.IM-2: Improvements

Recovery strategies are updated.

Jeremy Pickett 2/25/25 Jeremy Pickett 2/25/25

RC.IM-1: Improvements

Recovery plans incorporate lessons learned.

Jeremy Pickett 2/24/25 Jeremy Pickett 2/24/25

RC.RP-1: Recovery Planning

Recovery plan is executed during or after a cybersecurity incident.

Jeremy Pickett 2/21/25 Jeremy Pickett 2/21/25

RS.IM-1: Improvements

Response plans incorporate lessons learned.

Jeremy Pickett 2/20/25 Jeremy Pickett 2/20/25

RS.MI-3: Mitigation

Newly identified vulnerabilities are mitigated or documented as accepted risks.

Jeremy Pickett 2/19/25 Jeremy Pickett 2/19/25

RS.MI-2: Mitigation

Incidents are mitigated.

Jeremy Pickett 2/18/25 Jeremy Pickett 2/18/25

RS.MI-1: Mitigation

Incidents are contained.

Jeremy Pickett 2/17/25 Jeremy Pickett 2/17/25

RS.AN-5: Analysis

Processes are established to receive, analyze and respond to vulnerabilities disclosed to the organization from internal and external sources (e.g., internal testing, security bulletins, or security researchers).

Jeremy Pickett 2/14/25 Jeremy Pickett 2/14/25

RS.AN-4: Analysis

Incidents are categorized consistent with response plans.

Jeremy Pickett 2/13/25 Jeremy Pickett 2/13/25

RS.AN-3: Analysis

Forensic data is collected.

Jeremy Pickett 2/12/25 Jeremy Pickett 2/12/25

RS.AN-2: Analysis

The impact of the incident is understood.

Jeremy Pickett 2/11/25 Jeremy Pickett 2/11/25

RS.AN-1: Analysis

Notifications from detection systems are investigated

Contact: jeremy@japhontech.com : : japhontech, LLC