How cyber threat war-gaming can help decrease the impact of cyber incidents
As society has become increasingly transformed through Internet-based communication and data exchange, cyber threats have increased in both sophistication and frequency. In many organizations, executives know that cyber incidents can lead to high-profile losses, rampant media exposure, and damage to client, customer, or investor confidence. Business leaders have begun to acknowledge that, despite strong security controls, cyber incidents will occur. How heavily they impact an organization’s reputation, bottom line, and market standing depends, in part, on how well-prepared the organization is to analyze and contain an incident as it unfolds, respond decisively, and manage the aftermath. Deloitte’s cyber threat war-gaming services help organizations establish “muscle memory” and multi-function coordination to better manage the business crises that cyber incidents can cause.
A response playbook is not enough
In many organizations, security incidents may occur daily, and are routinely handled by security and technology teams. But some incidents will escalate into significant business crises. Even with well-documented response plans, few organizations are sufficiently prepared. Because the threat landscape changes rapidly, responses cannot be perfectly scripted.
Cyber incidents will occur that require agility and sound judgment in the face of the unknown. These events call for concerted engagement by many organizational functions, including risk management, legal, public affairs, talent management, and technology. Interaction may be required with a wide range of external third parties, including industry peers, regulators, law enforcement, and vendors providing support functions. To reduce damage and impact, organizations need the ability to:
- Efficiently assess and determine the scope of the event
- Act decisively to contain the impact and preserve forensic information
- Determine when to engage or report to law enforcement and/or regulatory bodies
- Manage communications to control public and investor perception
- Activate business continuity and recovery mechanisms