Tabletop Exercises & Crisis Management Preparedness
Don't let your first cyber crisis be a real one
Even for mature companies, cyber incidents are a matter of "when," not "if"
How a company responds, and how well prepared it is to do so, has a significant impact on the consequences of a cyber incident.
Good Harbor can help before, during, and after a crisis:
1. Incident Response Plans and Capabilities
-
Develop or enhance incident response plans
-
Get whole-of-enterprise stakeholders and third party providers ready to respond together
-
Make sure I.R. plans, Corporate Crisis Management Plans, Disaster Recovery plans, and Crisis Communications Plans work well together
-
Prepare contingency plans for an incident, including a StealthNet
2. Tabletop Exercises
-
Evaluate existing plans and capabilities, heighten executive awareness, and strengthen the organization’s ability to respond to a real cyber security crisis
-
Leverage realistic scenarios designed uniquely for your organization and objectives; never a cookie-cutter approach
-
Tailor exercises for the participants and objectives through seven types of TTX:
-
C-Suite
-
Core I.R. Team
-
Real-Time "Stress Test"
-
I.R. Workshop
-
Restoration and Recovery Focus
-
AI and/or Quantum Focus
-
Industry, ISAC, or Conference Event
-
3. Crisis Management Coach: on-call for rapid response during an incident
When mature companies get hacked, they call on outside counsel, a technical forensics and I.R. provider, and possibly a public relations firm. While valuable, none are dedicated to advising the CEO or CISO on the big picture or how to manage the process. A Crisis Management Coach fills the gap:
-
Advise the CEO, CISO, and/or Crisis Manager
-
Identify and facilitate critical decisions while balancing business, legal, public relations, and technical considerations
-
Coordinate the first hours of crisis response, including outreach to supporting third parties
-
Conduct After Action Reviews to collect "lessons learned" soon after an incident