How Do Tabletop Exercises Help IT Teams?
Your IT department may already participate in tabletop exercises led by other campus organizations. University police and local law enforcement conduct tabletop exercises to practice responding to a variety of disaster scenarios, and there is often an IT component to the response. If your IT organization is not a part of these drills, it should be.
In addition to solidifying the IT aspects of a disaster response, tabletop exercises teach key concepts that are directly applicable to IT and cybersecurity incidents. If you’re not familiar with your institution’s all-hazards incident response plan or continuity of operations plan, this can be a great starting point to build your relationships with your campus incident response community.
While not specific to IT, the Incident Command System used by the Federal Emergency Management Agency and others provides an excellent blueprint for scaling responses to expanding incidents. ICS defines an overall response structure that incorporates operations, planning, logistics, communications, finance and interagency liaisons. Many of the concepts provided by ICS are directly applicable to cybersecurity incident response.
More specific to IT, the Department of Homeland Security’s National Cyber Incident Response Plan provides excellent insight into the command structure and core capabilities required to respond to a cybersecurity incident. Organizations working to establish or improve their cybersecurity incident response can review the core capabilities outlined in this plan to determine where they should focus their efforts.
Click the banner below to learn how to strengthen your team's security strategy.