Cybersecurity Incident Response Exercise Guidance

Information security and privacy incidents are becoming more frequent. According to the CyberEdge Group 2021 Cyberthreat Defense Report, 2021 “…saw the largest increase in successful attacks within the last six years.”¹ In addition, it stated that “Over time, cybersecurity professionals have come to realize that it’s more of a question of when their organization will be victimized by a data breach than if.” As a result, it is more important than ever to train incident response teams (IRTs) to recognize, handle and respond to cybersecurity (and privacy) incidents.

Organizations must review cybersecurity threats and attack vectors, understand the importance of the incident response plan (IRP), review response activities, conduct tabletop exercises, analyze the exercises to determine areas for improvement, manage reporting and conduct IRP maintenance.