Mike Tyson famously said, “Everybody has a plan until they get punched in the mouth.” Keep this quote in mind throughout this page. The truth is most organizations are not prepared for a ransomware attack. This statement seems counterintuitive; after all, there’s a lot of information available about ransomware attacks. It seems like every week dozens of articles and countless webinars appear, all focused on helping organizations defend themselves against ransomware. How can anyone be unprepared at this point? Unfortunately, most victims are still unprepared, as demonstrated by the fact that ransomware attacks are not slowing down but increasing year after year.
One of the biggest disconnects is between what security teams know about ransomware and what the rest of the company knows. One way to close that knowledge gap is to run tabletop exercises. In addition to helping to isolate weaknesses in security, ransomware tabletop exercises serve as a platform for security teams to educate the rest of the organization.
Raising awareness is only one goal of a ransomware tabletop exercise. In addition, organizations should plan to:
• Test the assumptions and effectiveness of incident response (IR) and disaster recovery (DR) plans
• Test the organization’s interaction with the cybersecurity DR plan
• Test the cybersecurity team’s escalation and response procedures
• Identify gaps in cybersecurity processes
Of course, to realize these goals, the right people need to be invited to participate in the exercise.
An organization that isn't prepared to run its own ransomware tabletop exercise can often outsource the capability to a third party. Companies such as KnowBe4 offer services that can help facilitate a tabletop exercise, while other companies such as TrustPeers and GroupSense offer fully outsourced ransomware tabletop exercises.
If an organization doesn't want to fully outsource this task, there are often sector-specific ransomware tabletop exercise templates available, usually at no cost. Organizations that are members of their sector’s Information Sharing and Analysis Center (ISAC) should reach out to see what resources are available. There are ISACs for State, Local, and Tribal Governments (MS-ISAC), the Financial Sector (FS-ISAC), Healthcare (H-ISAC), Retail and Hospitality (RH-ISAC), Water (WaterISAC), Automotive (Auto-ISAC), and many others. In addition, there are plenty of freely available general templates for conducting exercises. Many resources exist to help organizations launch and continue to run ransomware tabletop exercises—don’t hesitate to take advantage of them.