Question
Original question below for reference only. Not to be answered. Please ONLY reply to responses
430 Topic 7 DQ 1 (NOT TO BE DONE)
Many organizations do not regularly practice/exercise their contingency plans, and some simply do not have one (or lack a comprehensive plan). How would you obtain commitment and engagement from an organization to establish and conduct routine tabletop exercises for incident response and disaster recovery plans?
Reply to responses 430w7 (TO BE DONE)
Please read before replying to responses. 100-150 words.
Response Requirements
Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers…
A Aaron
I am not surprised that organizations do not regularly practice their contingency plans or even have one in place. The first thing to consider when creating any tabletop exercise is to create a realistic scenario that might happen to an organization because the threats might vary based on industry the organization is part of. During the tabletop exercises, you should present clear objectives and follow a schedule. You should also make copies of the incident response and disaster recovery plans and keep track of the progress on a whiteboard. Before the exercise starts a moderator must review the objectives and the scope of the exercise. Once the exercise has been performed, you should review the process and understand what worked and what needs to be improved on. After the exercise you must act on what was learned and allow the entire team to practice their responses in real time and it can help identify the weaknesses and any gaps that might exist in the organization’s response.
Agility (2019) How to Create a Disaster Recovery Tabletop Exercise. Retrieve from https://www.agilityrecovery.com/article/how-create-disaster-recovery-tabletop-exercise
B Jacob
Practice makes perfect and in the IT field, there is no exception. “A Gartner report found that only 37% of organizations have a documented cyber incident response plan” (LIFARS, 2020). What makes it worst is that most organizations that may have a cyber incident plan are not practicing for the what-if possibility of attack. This means that employees of the organization have no real grasp of what to do in the event of an attack. A way that organizations can practice for these types of events is to implement routine tabletop exercises which allow either C-level executives or an internal security team to focus on high management employees to analyze the organization’s crisis management, the ability to detect, contain, and respond to a potential attack. Best practices to have commitment and engagement in these exercises are to lay out the objectives of the exercise, truly understand the audience and tailor it to them, outline the scenario for the employees, including a realistic element to the scenario, and conclude the exercise with an after actions report (AAR). Following these few steps will help in giving employees a clear picture of what to expect as well as illustrate the importance of the exercise. Organizations need to move away from just a check the box mentality and start to get hands-on, so everyone is on the same page. This will help in upgrading organizations’ strategies and prepare them for the ever-growing IT field.
C Cody
Hello Professor Ligon and Class,
One way that an IT Team could obtain commitment and engagement from an organization for routine tabletop exercises is through creating a formal document . This document needs to be signed by the IT Team and by upper management in which contains dates and times of these tabletop exercises for incident response scenarios. According to SANS, ”Tabletops are paper-based, and they are conducted in roundtable discussions guided by an Incident Response Plan, knowledge of the engineering processes, and an understanding of the existing ICS security defenses” (Parsons, 2022). An objective of one of these exercises could be to act like there is a ransomware attack and then to see if all of the right defenses are in place to handle such an incident. Surprisingly, these tabletop exercises could take anywhere from 2-30 days to fully cover all bases so it is important to plan these out, in-depth, beforehand. Some valuable attributes to obtain in the planning stage could be figuring out the tabletop goals, the frequency of the tests, the scenarios that will be covered and the teams that will be in charge of the different tasks.