Test Your Cyber Security Readiness
It was 2:30am one weekday night when my smoke alarms started going off at home. They are all connected together, so the whole house was a nice alarm bell. It was a weird fall night when it was warm outside and very foggy. We have had a lot of work done in the house, and I assumed it was a malfunction because of the dust that had been kicked up and the humidity outside. I disconnected the alarm that started this noise and got the family back into bed.
It wasn’t until 20 minutes later that I realized my mistake. I assumed I knew what the problem was, but I didn’t verify. Off I went checking every corner of the house to make sure I was in fact correct and there was no fire (which, gladly, there was not), but those 20 minutes could have been disastrous. I needed a plan.
Every business should have an incident response plan: something to follow at 2:30 in the morning, when you are not fully awake and thinking clearly, that lets you contain the problem and not make it worse. A well-thought-out plan will help you limit downtime and increase confidence in your systems. But a good plan is not enough; you need to test it. Testing will help you find out what doesn’t work and allow you to replace equipment or software, or adjust policies, before something happens. This is where tabletop exercises come in. You declare a disaster (email is broken, DNS provider goes down, Azure AD offline, etc.) and you follow the plan to resolution. That’s when you find out that the phone tree doesn’t work when nobody has access to the file server. Without testing, you never really know if it will work.
When this is done, a postmortem should be reviewed. What are the lessons lear