The National Institute of Standards and Technology (NIST) prepared a document intended to be helpful with recovering from a cybersecurity attack. The document, titled Guide for Cybersecurity Event Recovery, sets forth two phases of recovery- tactical recovery and strategic recovery.
Tactical recovery follows procedures in place prior the cyber attack. Strategic recovery anticipates identifying lessons learned from the attack and using those lessons to plan for recovery from future cyber attacks.
A copy of the guidebook can be accessed here.
