Training is a critical step in being prepared to respond to real cybersecurity incidents. A quick and easy way to help prepare your team is to hold short 15-minute tabletop exercises every month. Here are a few of the important questions you may want to ask while holding a tabletop exercise:
- Do you have a Cybersecurity Incident Response Plan?
- Do you have compliance requirements you must adhere to? (PCI-DSS, HIPAA, FISMA, IRS, or Sarbanes-Oxley)
- Who should you notify internally in your organization? External to your organization?
- Do you have a backup point-of-contact for key roles in your organization? (For example, who do you contact if the manager who handles cybersecurity issues is out sick or out of town on vacation?)
- What are the resources available to your team?
- Who do you contact to get more resources? (For example: consultation, equipment, or additional cybersecurity professionals.)