After months of preparation and scenario design, today we have launched our first GDPR Wargame exercise! We've had participants from big and small businesses working together to address a hacktivist attack at V&H Bank that resulted in a major data breach...
What have participants learned?
Know your enemy
Sit down with key people on your team and think about who would be involved in the decision-making process in the event of a cyber security breach. This will be easier for bigger businesses, in general, as most of them will already have a well-defined and trained crisis management team, including representatives from cyber, IT, communications, legal, customer services, and senior management. Smaller businesses may need to include and train the entire team on what typical attacks could look like, who would be involved in the response, and how response would play out for different types of attacks. Preparation is key: discussing incidents, that happened in your industry sector is a good place to start.
Apart from discussing the technical details of past attacks, look at how attack victims had communicated throughout the incident. What messages have they shared with their customers, the wider public, law enforcement and the regulators?
Build your human firewall
We tend to think that detecting and responding to a cyber security incident is the sole responsibility of the IT security department. However, everyone in the organisation will have a role to play in a successful response. It is important that everyone knows who to report suspicious emails or signs of infections to, and feel personally responsible for flagging up inconsistencies.
Tip: Put together scripts of basic comms statements that customer-facing colleagues can communicate at each stage of an incident. Get together a list of individuals (with back-ups!) from the organisation, who can address media queries and make sure all journalist enquiries are escalated to them.
Practice, practice, practice
Rehearsing different attack scenarios and putting together playbooks for each will make it easier for team members to focus on what needs to be done when a real attack happens.
Tip: Practicing in a safe environment will reveal gaps in your response, and you will be able to address these in advance.
Here’s how you can get started with crisis management exercising with the Resilience Dojo platform
Head to our Home Page
Fill out the baseline questionnaire or send us a message to go through this over a call
Schedule your first exercise to baseline your team performance