
Ransomware rehearsals offer stage for IT and execs to connect

August 15, 2022 – Published on IT Brew

A ransomware rehearsal gets crowded.

During what’s known as a “tabletop” exercise, a combination of legal counsel, security officers, C-suite execs, and more may take over every chair in the conference room as they create a response plan for a simulated cyberattack, sorting out answers to not-fun questions like:

Disclose or not disclose?

Shut down systems or keep them running?

And, of course: Pay or not pay?

According to incident-response pros who spoke with IT Brew, the tabletop offers a chance for a CISO, CIO, or IT staff member to get on the same playbook page as senior leaders, specifically regarding roles and priorities.

A tabletop exercise finds communication gaps in an incident response plan, according to Drew Schmitt, managing security consultant at GuidePoint Security, a consultancy that also runs tabletop exercises and helps companies hit by ransomware.

“Because executives don’t get exposed to ransomware-type response scenarios every day, a lot of times they’re not really sure who the priority is in terms of communication, or even that some teams need to be engaged. So, a lot of what we find in gaps ends up being very procedural, and a lot of it’s based on communication,” said Schmitt.
