Cyber Risk Management Chronicles, Episode V - Cyber Fundamentals: Tabletop Exercises

EDRM - Electronic Discovery Reference Model

Lockhaven Solutions Logo

Image: Lockhaven logo

Cybersecurity programs must be tested on a routine basis. It takes significant time and effort to develop a cybersecurity program.  The efficacy of a program is only theoretical until thorough testing is conducted.  One of the most effective ways to test a program is by conducting tabletop exercises. Such testing can be conducted at any stage of program development, either to measure an adaptive program’s efficacy in responding to various scenarios, or to assist a nascent program in the identification of gaps in need of attention.

Is your organization truly prepared for a cyberattack or breach? Simply having a cybersecurity incident response plan is not sufficient to protect an organization. Industry experts strongly recommend running a tabletop cybersecurity exercise at least once per year. Practice makes perfect, and the result is often a more resilient response when it matters most — during an actual event.

Tabletop exercises offer maximum value when the scenario is specifically tailored to an organization’s unique characteristics including threat vectors, industry, data, assets, and culture.

Lockhaven Solutions

The goal of a cybersecurity tabletop exercise is to evaluate your cybersecurity program, including responsible team members’ reactions to simulated real-world scenarios. Tabletop exercises offer maximum value when the scenario is specifically tailored to an organization’s unique characteristics including threat vectors, industry, data, assets, and culture. 

Training received during tabletop exercises will enable teams to act more efficiently during real events. Tabletop exercises also demonstrate the necessary cooperation and communication with key people across departments within the organization; these are emphatically not siloed IT exercises. The bottom line is that cyberattacks and breaches can be incredibly stressful events and untested individuals and teams are a risk. It is essential to have the practiced ability to take appropriate steps, restore functions promptly, and minimize potential damage. 

Written by:

EDRM - Electronic Discovery Reference Model
Contact
more
less

EDRM - Electronic Discovery Reference Model on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide