Mastering the tabletop: 3 cyberattack scenarios to prime your response
- by nlqip
Questions to think through during the tabletop include:
- How long does the organization keep backups?
- How long does it take to restore from backups and has that process actually been tested?
The tabletop also invites discussions around how the organization is prepared to respond to the discovery of unauthorized administrative activity, who would be notified, and how.
Helping security teams think of everything that needs to be done
The point of the exercise is to force security teams to consider what resources are required for incident response and what processes might be invoked to mitigate the impact from malicious activity from an insider threat.
There also may be a need to contact law enforcement and to sufficiently document the incident to be able to legally pursue the attacker and hold them accountable for the malicious activities.
Scenarios like these can and often do play out, with former employees becoming frustrated with a former employer and looking to use insider information they are privy to, to try and compromise or negatively impact the organization both technically, financially and reputationally.
Organizations need to have comprehensive plans and processes in place to halt malicious activities, mitigate the impact, respond to and recover from the incident and legally pursue the insider to hold them accountable for their actions.
Source link
lol
Questions to think through during the tabletop include: How long does the organization keep backups? How long does it take to restore from backups and has that process actually been tested? The tabletop also invites discussions around how the organization is prepared to respond to the discovery of unauthorized administrative activity, who would be notified,…
Recent Posts
- Windows 10 KB5046714 update fixes bug preventing app uninstalls
- Eight Key Takeaways From Kyndryl’s First Investor Day
- QNAP pulls buggy QTS firmware causing widespread NAS issues
- N-able Exec: ‘Cybersecurity And Compliance Are A Team Sport’
- Hackers breach US firm over Wi-Fi from Russia in ‘Nearest Neighbor Attack’