Preparing for unknown adverse events requires assumptions, interpretations, critical thinking, and planning, so that when they happen, the unexpected is avoided. When they do happen, it is impossible to know whether they will relate to the preparedness that was put into place; however, their unpredictability is only debilitating if we allow it to be.
As school children, we practiced preparedness by taking part in drills for tornadoes, earthquakes, fires, and other expected concerns. Because the drills were practiced in preparation for something unplanned, they did not provide a fool-proof result, but a pathway and mindfulness should something adverse occur.
Unfortunately, disasters, attacks, and other failures have a mysterious aspect to them. How do Operational Resilience leaders take advantage of the unexpected to improve resilience, resourcefulness, and responsiveness when bad things happen?
Planning for the Unexpected
Executive, IT, and Operational Resilience teams have the daily responsibility of assuring security, awareness, monitoring, and productivity. Part of protecting the business ‘bubble’ requires regular testing. Often, this is done much like our grade school drills - by simulating an emergency and creating a plan of resilience to execute. These drills are often termed ‘tabletop tests.’ Just as the name describes, a tabletop test involves discussion with a team ‘around a table’ regarding the specific business and IT goals and initiatives that protect assets and extend resilience.
Tabletop tests have three directives: preparation, defense, and recovery. These tests provide results that open the eyes of the immediate ‘round table’ team, allowing for education and preparedness for the business. When run consistently, tabletop tests can provide valuable information on both current practices and areas of improvement, based on the level of vulnerability and the resilience discussed. This preparedness reinforces defenses with foreknowledge of attack possibilities and recovery options should the defenses become overwhelmed.
A cybersecurity tabletop plan involves a small group of management and technical personnel who are responsible for executing Incident Response and Operational Resilience plans. They must convey the plan’s details and its importance to the team while assuring that it meets business requirements as defined to enable operational capabilities and processes. Because it is a simulation of a possible cyber event, the team determines what the IT disaster entails, including the cause, the length, the timing, and the target.
The cause is the scenario developed to drive thought and against which the affected plans are executed. It elicits a response and recovery by describing what has negatively impacted operational capabilities and processes. The length of discussion pertaining to the cause, or the execution of the tabletop, can vary from a couple of hours to an extensive week-long effort, depending on the depth to which the scenario is developed and delivered.
Timing can be both place and time related; however, it is necessary to predetermine the number of acceptable distractions caused by removing personnel from work operations. Additionally, timing related to time of day, day of the week, monthly and quarterly impacts, and even a surprise execution or added association with the tabletop also needs to be determined. Lastly, a target gives the tabletop and its participants a focus on specific aspects of the business or certain goals to reach. This also helps in gaining a better understanding of how the business operates so that during adverse events there is more resilience and less surprise or debilitation.
Although it is a small team of professionals who prepare and manage a tabletop event, the business must be mindful in its practices and how to best provide value through the event. Meanwhile, as resources are pulled aside to manage the tabletop, day-to-day routines still require support and operations, which potentially leads to the need for tabletop assistance.
Businesses are vulnerable and need a trusted team to manage their cybersecurity preparation, defensive measures, and resilience. Enlisting the support, expertise, and watchful eye of a partner is a way of adding value for ‘planning’ for the unexpected. From DR-as-a-Service to leveraging experienced consultants, organizations can better prepare for responding to an unexpected incident by augmenting the assistance required to provide value through a tabletop event. Cayuse offers this expertise and support.
The Cayuse team believes in diversity and loyalty. We partner with our clients to provide professional expertise while improving cybersecurity approaches for Operational Resilience. We proactively prepare responses to the unpredictable risks businesses face each day.
Learn more about how Cayuse successfully implemented tabletop testing for a multinational hospitality company by reading our case study.
Many companies have Operational Resilience plans that haven’t yet been validated, while some have plans that have gone through a tabletop event. Thus, preparedness is in place for the planned simulated event yet lacking in full-scale validation. A further essential element for resilience and cybersecurity is for organizations to train in these cohesively, allowing for preparedness for real-world, business-impacting events. It is vital to gain resilience through extended preparation for the unexpected.
When it comes to responding to a cyberattack, data breach, or natural or physical disaster, and the recovery thereafter, preparedness is key. Being able to bounce back after an operationally impacting event is imperative in allowing business continuity for delivering services and survival overall.
Going a step further, having a partner in the industry that can support program parameters, provide cross-industry guidance, and assist with integrated, robust tabletop events truly is a game-changer.