While cybersecurity exercises are a critical part of evaluating your organization’s readiness, one which isn’t properly planned can give you a false sense of security, and lead to disaster when an attack actually occurs. Instead, when considering a test, a lot of care needs to be taken to determine such concerns as:
- What are you intending to evaluate,
- Will this help with risk mitigation,
- Will this build both skills and awareness amongst your team, and
- How will this activity align with compliance
Once the answers for the above questions are known, efforts can instead be shifted to determining the proper type of cybersecurity exercise, and then stepping through the exercise development process. Ideally, any such process for developing an exercise should include:
- Setting of team goals
- Holding a kickoff meeting, and establishing rules for the event
- Exploiting identified vulnerabilities, and establishing defensive measures
- Determining scoring and evaluation criteria
- Conducting a detailed debrief and reporting
Source:
https://www.cpomagazine.com/cyber-security/how-to-conduct-a-successful-cybersecurity-exercise/
