Cyber-hygiene and prevention are sometimes hard to fit in when there are so many vulnerabilities, zero-day attacks and third-party incidents that keep us busy every day. During the pandemic, many companies put their Incident Response Plans and tabletop exercises on the back burner as they were migrating an entire workforce from office to home, and other response requirements took priority over preparedness.
Now that it has been a year since the migration, and it looks like remote work will continue to be part of the “new normal,” thinking about incident response planning, including tabletop exercise is timely.
I have always conducted live tabletop exercises because it is effective to get the Incident Response Team in the room, present different scenarios, discuss pros and cons, how to respond, whom to call, and what to do, and determine follow-up items after the exercise.
With remote working and companies still not shifting to on premises operations, many companies have not developed or reviewed their Incident Response Plan, nor have they conducted a tabletop exercise in the last year.
The best way to prepare for an incident is to practice. If an incident occurred now, your Incident Response Team would have to meet virtually, so it makes sense to conduct a tabletop virtually as well. A tabletop is meant to mimic a real incident and how the team will respond. What better way to test the team now than to conduct the tabletop virtually?
A virtual tabletop is better than no tabletop, and practice is better than no practice.
Copyright © 2020 Robinson & Cole LLP. All rights reserved.National Law Review, Volume XI, Number 77