In every organized administrator’s desk drawer is a binder with an office management plan in case of emergency. Up until this point, most disaster management plans have not included information about how to respond in the event of a cyber security emergency.
When unwanted cyber guests arrive, many organizations don’t know how to react. Who should communicate what to whom? Who directs the efforts? Who announces that everyone can get back to business as usual?
Even if an organization does have a general sense of how to proceed in a cyber security emergency, a step-by-step working model of how to proceed will maximize efforts and minimize damage from potential oversights.
When a large consumer electronics company experienced a breach in 2014, employees alerted the FBI a week later; a more immediate report to the FBI could have expedited clean-up and PR damage.
Running cyber-attack simulations in the same way that organizations run fire-drills, is a tried and true method for developing a cohesive cyber-attack response. Table-top simulation exercises permit everyone from the shareholders, to the C-suite, to the technical experts to prepare for the business interruption, to practice communicating along a chain of command, and to test out managing expectations both internally and externally.
Time is of the essence when it comes to cyber responses, and maximizing it can yield huge payoffs. Engaging in cyber-attack ‘fire-drills’ allows you to adopt agile and synchronized threat responses so that, when faced with the inevitable, you can quickly get back to business as usual.
Get the full story from Forbes.