Incident Response Plan Testing

Having a documented incident response plan is a must for any business (unless you’re using managed security services).  However, I’ve found that few organizations are actually testing their plans.  This also goes for DR and BCP plans — I don’t see any value in creating a plan if you’re not testing it regularly as new personnel come and go, changes roles etc.

I was at a recent event where they provided some great sample exercises which I’ve included below.  Take a look, these really stretch your imagination but are things you need to be considering.  Have some fun, make a day out of it, and make sure you get the necessary folks involved.  If you don’t get the appropriate level of sponsorship you’re going to have trouble getting any plan to succeed.  Do you want to be woken up at 3:30 in the morning with a potential breach and have no idea where to start?

Incident Response exercises

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s