6 cybersecurity and emergency situations every IT department should train for
Most IT organizations would consider themselves competent in testing. They have decades of experience, a well-defined methodology, and modern testing tools. However, few test the chain of command and organizational ability to respond to challenging incidents.
Recently the United States government performed a simulation of a large-scale cyberattack on U.S. infrastructure. As one would expect with this type of attack, primary targets included civilian infrastructure like the electrical grid and financial institutions, in addition to military targets. One of the surprising findings was that the military does not have a clear organizational way of responding to attacks on domestic targets. In a real incident, valuable time would be lost as military and domestic entities attempted to coordinate responsibilities and responses, ultimately giving the attackers more time to inflict damage.