Skip to main content
Search
Practice paper

Building capability and community through cyber-incident response exercises

Matthew Ricks
Journal of Business Continuity & Emergency Planning, 18 (1), 49-58 (2024)
https://doi.org/10.69554/GCZJ1400

Abstract

While a natural disaster or related threat may impact an organisation at some point, it is more likely (even inevitable) that it will be the victim of a cyber attack. The solution to being better prepared for these imminent attacks is to undertake more lightweight and frequent incident response (IR) exercises to help build capabilities and community through a tighter, recurring cycle of planning, conducting and assessing. To boost the facilitation of IR exercises, organisations must leverage the established relationships between business continuity management (BCM) or resilience staff (both of which are familiar with business continuity and disaster recovery exercises), and their information security office. As BCM will ultimately be involved in response and recovery after a cyber attack, it is intuitively more effective to collaborate with BCM in advance. Indeed, it has been substantiated that BCM engagement improves incident response time and reduces incident response costs. This paper concludes that involving BCM or resilience departments in IR exercises contributes to more effective responses to actual incidents.

Keywords: cyber security; information security; business continuity management; resilience; incident response; exercises

The full article is available to subscribers to the journal.

Already a subscriber? Login or review other options.

Author's Biography

Matthew Ricks is the Senior Director of IT Facilities Infrastructure & Resilience at Stanford University. In addition to overseeing Stanford’s central data centres, IT technical facilities and underlying technical physical infrastructure, he focuses on disaster recovery, business continuity planning and emergency management. Matthew has led annual disaster recovery and life-safety exercises. He also plans and conducts recurring cyber-incident response exercises. He serves as incident commander for major IT incidents and as the IT representative for institution-wide emergencies. Matthew holds a master’s degree in homeland security from Penn State University, an MBA from University of Maryland University College, and a bachelor of science degree in information systems management from University of Maryland Baltimore County. Matthew also maintains Certified Business Continuity Professional (CBCP) certification.

Citation

Ricks, Matthew (2024, September 1). Building capability and community through cyber-incident response exercises. In the Journal of Business Continuity & Emergency Planning, Volume 18, Issue 1. https://doi.org/10.69554/GCZJ1400.

Options

cover image, Journal of Business Continuity & Emergency Planning
Journal of Business Continuity & Emergency Planning
Volume 18 / Issue 1
© Henry Stewart
Publications LLP