Inquiries to suppose by through the tabletop embody:
- How lengthy does the group maintain backups?
- How lengthy does it take to revive from backups and has that course of truly been examined?
The tabletop additionally invitations discussions round how the group is ready to answer the invention of unauthorized administrative exercise, who could be notified, and the way.
Serving to security groups consider all the things that must be achieved
The purpose of the train is to power security groups to contemplate what sources are required for incident response and what processes may be invoked to mitigate the impression from malicious exercise from an insider menace.
There additionally could also be a must contact regulation enforcement and to sufficiently doc the incident to have the ability to legally pursue the attacker and maintain them accountable for the malicious actions.
Eventualities like these can and sometimes do play out, with former staff changing into annoyed with a former employer and searching to make use of insider data they’re aware about, to attempt to compromise or negatively impression the group each technically, financially and reputationally.
Organizations must have complete plans and processes in place to halt malicious actions, mitigate the impression, reply to and get better from the incident and legally pursue the insider to carry them accountable for his or her actions.