Cyber Security Drills Can Save the Organization from Actual Crisis
The best method to asses any security process or solution is to first test it out in a simulated environment or to run mock drill. In terms of natural calamities or man-made disasters, the rescue team always works on a full-proofed strategy and that can be achieved only by testing them out. This is equally important in case of cybersecurity measures. Companies are too reliant on cutting edge tools to give them the security readiness. While tools are critical and gives a sense of comfort, it is just not sufficient. Cyber Security in an organisation is an across board responsibility extending across to every employee. It is just not enough to have a security team in place – the readiness should extend across the organisation and for them to be prepared to expect the unexpected, drills can be a very effective tool. It is important that the employee knows how to react when there is a phishing attack or a ransomware attack. Initially the employee may get overawed by the drills but regular sessions will see them get comfortable and more importantly confident. The learnings from the drills also helps the CISO organisation within the company to learn what works best and what opportunities exist to improve their security practices in terms of what works best, before the actual crisis takes place ensuring one is not caught short.
Vikas Bhonsle, CEO at Crayon Software Experts India
The best way to be assured about any security process or solution is to test it in a simulated situation, i.e. to do a safety drill. A mock crisis can help to evaluate if the organization is well prepared to face a real one. In cybersecurity practices too, such tests can audit the incident detection & response plan of the company. Nobody, after all, wants to face a real-life cybersecurity incident. To address this, companies can run a mock drill where a team of experts can act as ‘bad players’ and try to breach the organization’s network. During the drill, the appointed team or person will try to break-in into the organization’s cybersecurity infrastructure. This activity will reveal the weak spots and loopholes and understand where the IT team needs to work and where policies need adjustment. This can be done with the help of the in-house IT staff within the prescribed boundaries. However, at times an outside specialist can be better at doing this job. The tabletop exercise is also an easy method to employ, where participants are given the basic knowledge of how they must act in a hypothetical situation. Also, employees must be made aware of different threat vectors that they may come across, like phishing and spear-phishing attempts. At times, people unknowingly click on unsuspecting emails letting malicious software get into their machines. In a drill, a mock phishing email can be sent with an attachment or link that goes to a mock login page, which will show how many people not only click on dubious links but also insert their credentials. These drills have to be conducted without prior warning so that the recipients won’t be on guard. Other than that, running a mock denial-of-service (DoS) attack will show how quickly the IT team notices that something unusual is happening.
By detecting and responding to simulated cybersecurity incidents, companies are only going to learn what works best and what opportunities exist to improve their security practices, before the actual crisis takes place.
Watch ‘The Making of Flow Weaver’ and Find the Game on Steam!
