Incident Response: Why a Tabletop Exercise Is Essential
Partner Ronald Raether participated in a video interview at Information Security Media Group's recent Legal & Compliance Summit in New York, discussing the importance of conducting cyberattack table top incident response plan exercises. In the interview, he shares that most companies fail to practice their incident response plans, saying that the process is “neglected until a company has been forced or compelled to deal with a situation.” He adds that companies are often ill-prepared when faced with a cybersecurity issue and emphasizes that, “They really need to spend the time and the resources to think about specifically what they’re going to do, how they’re going to communicate, what third parties they’re going to bring in to help them respond to the event before they’re actually under fire.” Ron explains that the true benefits of a table top exercise are often overlooked, specifically (1) getting all involved parties comfortable communicating and working together before a crisis, and (2) educating the business leadership on cybersecurity and incidence response so that the functions become more than a check-the-box process.