manufacturingtechnologyinsights
MANUFACTURING TECHNOLOGY INSIGHTS, DECEMBER 2024
IN MY OPINION

GET PREPARED FOR YOUR NEXT INCIDENT
By Jason Brown, Information Technology Security Manager, The Shyft Group

Large or small, every organization has experienced some type of cybersecurity incident. Whether an employee was phished or the critical infrastructure was infected by ransomware, we all have our war stories. It is said that it takes 10,000 hours to become a master at something. The skills developed during those hours depend on how the team was trained.

"Train like you fight!" The phrase is used often, from athletes to the military, and it holds true in cybersecurity as well. When training our employees, we want the simulation to be as close to a real incident as possible. There are several ways this can be accomplished. There are low-cost and no-cost options, such as running tabletop exercises. Cyber ranges and gamification of cybersecurity training are also effective ways to get your employees trained in incident response.

No CISO ever wants to hear an employee say, "If that ever happened to us, I would just quit..." I have heard those words spoken a time or two after running an incident response exercise. Those words came from employees who had never experienced an incident before. It was not because the work was hard; it was because they did not understand how to react.

We can put together incident response policies and standards, but they serve no purpose without training. The key is to build repeatable processes so your employees know what to do when an incident does occur. Oftentimes when an incident occurs, we are so focused on the incident itself that we forget some of the fundamentals, such as documentation. By building muscle memory, these fundamentals become second nature.

Tabletop exercises are often the cheapest to perform yet provide some of the greatest returns. These returns often come in the form of reduced reaction and remediation times. Tabletop exercises are performed by using scenario-based questions. The questions can be individual incidents or a series of questions, all based upon a specific scenario.

An example of this includes:

- An employee called the help desk due to unusual circumstances concerning an email they received.
- It has locked down the employees' computers with a message to pay Bitcoin because the system has been infected with ransomware.
- It begins to spread across the network.
- Business-critical systems have now been affected by the outbreak.