Tabletop exercises
Training is a critical step in being prepared to respond to real cybersecurity incidents. A quick and easy way to help prepare your team is to hold short 15-minute tabletop exercises every month. Here are a few of the important questions you may want to ask while holding a tabletop exercise:
- Do you have a Cybersecurity Incident Response Plan?
- Do you have compliance requirements you must adhere to? (PCI-DSS, HIPAA, FISMA, IRS, or Sarbanes-Oxley)
- Who should you notify internally in your organization? External to your organization?
- Do you have a backup point-of-contact for key roles in your organization? (For example, who do you contact if the manager who handles cybersecurity issues is out sick or out of town on vacation?)
- What are the resources available to your team?
- Who do you contact to get more resources? (For example: consultation, equipment, or additional cybersecurity professionals.)
Here are some tabletop exercises you can use:
- Have one or two people from your agency visit two sites recommended by our federal partners as safe for browsing. Have the team identify which logs would be needed to trace this activity through the network.