In many cases, these breaches come undetected at first, which provides the attacker with an unlimited amount of time to plan the best direction of attack to exploit your business, whatever the motive is behind the cyber attack.
With the increasing number of connected devices within organisations in recent years, a traditional approach to cyber defence is not adequate to keep up with the pace and volume of potential attacks.
You may consider a reliable cyber security system or vulnerability scanning when considering how your organisation can minimise or mitigate a potential attack. You might also utilise cyber security automation to detect anomalies within your IT environment amongst some of the core parts of a good security posture.
Even with all the tools in place, the human factor should be considered, as many methods of attacks require some type of interaction. This could be as simple as a URL link included in a spoof email that when clicked ultimately provides the hacker access to the framework. Having staff within your organisation trained in cyber incident response is vital in helping the organisation recover as quickly as possible.
A tabletop exercise is a common starting point in ensuring cyber security policies and processes are understood and followed. A discussion-based scenario exercise allows to test each member’s roles and responsibilities in the event of a cyber-attack.
Running regular tabletop exercises, either through an external specialist or by facilitating them internally, is essential to the organisation’s cyber security defence. Tabletop exercises can help reveal any gaps in the response process, gaps which, in the event of a breach, can change the decisions in terms of how the organisation will react.
Your organisation might use an external third-party provider and operator of a Security Information & Event Monitoring (SIEM) system. Do they have an accurate and up-to-date contact list for your organisation? Is the person always contactable; if they contact your nominated Incident Response
Manager or the hierarchy of people within the organisation, can they be contacted? Is there a communications plan set in place?
The above questions are examples of gaps a Tabletop exercise can identify; despite their simplicity, those questions can show how your organisation will respond to a potentially harmful threat.
Incident Response training and Tabletop exercises help structure two critical areas of your organisation’s cyber security. Improving your incident response process and your team's confidence and ability to respond to a cyber incident.
A Tabletop service can be delivered virtually or onsite and, can also be planned or unannounced depending on the organisation’s needs. A planning meeting with the organisation’s IT department is held ahead of the exercise to establish a scenario, scope and scale of the incident that the Tabletop exercise will perform.
As various areas of the organisation are monitored during a proposed scenario, the service provider will compose a concluding report highlighting the observed gaps within the organisation’s system and SIEM, amongst other areas where improvement is required.
Depending on the results of this report, it might suggest another session to be planned in the future to ensure the cyber security strategy develops.
If you want to find out if your organisation is ready to protect itself from a cyber security attack, or you would like to find out more about Tabletop exercises, contact our team.