February 23, 2019 | Categories: IR Plan |

Practicing for the Specific Risks That Your Organization Faces Can Help You Be Better Prepared for the Real Thing

If a data breach were to occur within your organization’s network today, would you be prepared to respond? Would your team know the right process for resolving the issue? These questions don’t always have easy answers — which is why it’s so important to make sure you’re properly planning in advance. An incident response tabletop exercise can help you understand how to approach the real situation with confidence.

Without a proper plan in place, it’s easy for cybersecurity crises to turn into chaos. Why does this happen? When a crisis occurs, the clock instantly starts ticking. The longer that the issue goes unresolved — and the longer you’re working on it — the more money your business loses. Without a plan, teams don’t know who they should be communicating with or who is in charge of making IT- or business-related decisions.

By going through an incident response tabletop exercise, you can identify the weaknesses in your current strategy, understand what’s already working well, and develop a strong action plan for any future problems that may arise.

Let’s take a deeper look into what scenarios organizations can practice for, and what you should be paying attention to when you go through them.

Try These Incident Response Tabletop Exercise Scenarios

The easiest scenario to tackle is the small problem you can resolve quickly. Even though it might not seem like a big emergency, you still should have a proper plan in place. Say, for example, a member of your IT team deploys a patch that accidentally brings down the network. This is an easy fix, but who needs to talk to who? Who’s in charge of resolving the issue? What kind of process can you create to make sure it doesn’t happen again?

A bigger issue that you can work through in a tabletop exercise is a data breach. Let’s say your company has been storing information in a public network — and you just found out that login credentials on this network have been exposed. What is your first step? What do you tell your employees? Do you have to notify your customers? Does legal need to be involved?

Are you worried that your company is at risk of being targeted by a hacktivist group? With serious situations like these, it’s important that you understand what potential threats there are to your organization, and how you plan to monitor them. Will you need assistance? If so, who do you call? How do you notify your organization of the threat?

In any of these examples, communication is a key factor. The best plans ensure that everyone is on the same page, understands their role, and is cohesively working toward the same goal. When you prepare for an incident response tabletop exercise, it helps to have an expert partner on your side who can guide you through the right steps and provide insight into how you can improve.

At MRK, we get to know your business’s specific needs in order to create an incident response tabletop exercise scenario that fits the risks that your organization faces. Interested in learning more about our services? Get in touch with our team here.