Cybersecurity tabletop exercises: How far should you go?

As global cyber threats and other international tensions increase, what scenarios should state and local governments consider when conducting exercises to test their people, processes, and technology?

March 31, 2024 •

Dan Roman

Adobe Stock/Tetlak

When conducting cybersecurity or other emergency management tabletop exercises, how far should you push your team into uncomfortable situations?

The goals of these exercises are typically focused on testing the people, processes, and technology that would be used in the event of a major incident, but what scenarios go too far?

Federal, state, and local governments, and the private organizations that support them, must respond to world events that can shift paradigms and significantly impact government operations, such as before, during, and after war. How can we best prepare for what happens? COVID-19 pandemic?

Or, as we approach April 2024, should organizations other than the Department of Defense prepare for scenarios like China invading Taiwan, to take a specific example?

Global cyber threats intensify

Take a step back and consider recent cyber threat-related media headlines and see if you can connect the dots.

Below is a quote from the last item (last week’s blog) that featured an alarming update from several 3-letter agencies in Washington, DC, earlier this month.

“My favorite session was the one titled ‘China in the Digital Backyard’ with TJ Sayers, director of intelligence and incident response at the Center for Internet Security. Dave Frederick, assistant director for China at the National Security Agency. Andrew Scott is Associate Director of China Operations at the Cybersecurity and Infrastructure Security Agency. The session was moderated by Katherine Gronberg, Head of Government Services at NightDragon. What was shocking was the level of concern among intelligence agencies about the current attack from China.

“Over the past six months, our incident response efforts have confirmed that cyber attackers from the People’s Republic of China have been present on our critical infrastructure networks, in some cases over the past five years,” Scott said. ” he said.

“They have the necessary access and if an order is issued, they would be able to interrupt services in parts of this country right now,” he added.

Here are some recent headlines to consider.

What would a “China Invading Taiwan” tabletop exercise look like?

So how can organizations prepare with tabletop exercises and other exercises?

Additionally, from another article the hill Other lessons learned from these exercises were also discussed. “The war games were conducted behind closed doors on Capitol Hill as a tabletop exercise between a member of Congress playing a Taiwanese person and a defense expert from the Center for a New American Security playing a Taiwanese Chinese person. CNAS National Defense Program Andrew Metric, a researcher and co-creator of the wargame, said the game lasted about two hours and strengthened the resolve to address vulnerabilities that many lawmakers were already concerned about.

“I was impressed by all of our members and their thoughtfulness, their seriousness. And I think we can take the lessons from this type of training and apply them to deterrence so that something like this never happens.” “It’s their dedication to making it happen,” he said.

Here are some example tabletop exercises from leading industry experts about the geopolitical situation that could arise if China invaded Taiwan.

final thoughts

Let me be clear about one thing: I sincerely hope this scenario never happens. In fact, I believe that if we prepare and discuss this topic openly, we may be less likely to have a cyber incident in which China invades Taiwan.

Nevertheless, I wrote this article to help break the mold for most of the current cyber tabletop scenarios being tested by governments across the country.

Even if you disagree that this scenario is important for federal, state, and local governments to include in a short-term tabletop exercise, I would like to suggest to you other new scenarios, perhaps a Chinese invasion of Taiwan. We seek to identify and consider other cyber conflicts and escalations. To test the team.

We also recognize that most government agencies are focused on tabletop exercises on various scenarios surrounding the 2024 election and a critical learning situation: ransomware attacks and data breaches. I applaud these efforts.

But if history has taught us anything when it comes to preparing teams for the unknown, it’s that we can’t be complacent with the current state of the world.

Over the past four years, we have seen a Russian invasion of Ukraine, a global pandemic, and a surge in nation-state cyberattacks targeting civilians in the United States and NATO member states. Ransomware and other cyberattack statistics continue to rise, and government technology leaders are working with emergency management partners to best prepare to respond to these situations, no matter what happens next. is needed. This means stepping further out of your comfort zone.

This message certainly means different things to different audiences. But I ask you: When is the right time for a tabletop exercise scenario involving a Chinese invasion of Taiwan?

cyber security

Dan Roman

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, engineer, keynote speaker, and author.

Read more stories from Dan Roman

*** This is a syndicated blog on the Security Bloggers Network by Lohrmann on Cybersecurity written by Lohrmann on Cybersecurity. Read the original post:

Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button