The importance of practicing a cyber-response plan

Giraffe tightropeIf you’ve been following the suggestions in recent posts, you’re well on your way to being prepared to quickly respond to a cyber attack.

The next step is to practice your plan. This will make your team familiar and comfortable with the plan so they know what to expect and how to react to an event. Equally important, practice will help create a culture of awareness throughout your organization.

Training is key to a culture of awareness, so do your best to make training informative and engaging. This can be rolled into your security awareness training or business continuity training—as long as there is an emphasis on the cyber-incident side. And don’t just train your cyber team, if you include all employees in cyber awareness, they’ll have a better understanding their roles in the event of an incident.

Exercise sessions could be a series of tabletops that would eventually include all employees. For a helpdesk or customer support team, describe a series of events and ask, “If this action were to be noticed, would it need to be reported? What would you do next?” Use similar exercises for the sales and marketing teams. For the IT team, perform a series of incident-based exercises from ransomware to high-volume traffic on a specific port on a firewall and ask what action steps would be followed—by whom, and when. Follow up with real-life scenarios using an independent consulting firm or a simulator environment. Invite your executives to participate in a spear phishing exercise along with a member of the incident management team to practice full response.

Want to learn more? Download your free guide, How to Develop an Effective Cyber-response Program, today.