On January 8, 2021, CU*Answers facilitated a virtual tabletop exercise for credit unions in Taylor, MI as part of the training and testing program for the Incident Response Plan. Participants began with an overview of Incident Response and the similarities to Business Continuity Planning. From there the exercise shifted to a walk-through of the Incident Response Plan, leading to a simulated cybersecurity attack scenario. Injects were added at 10-minute intervals with questions for the response team at each point, based on the information at hand.

“Questions were designed from a business perspective, rather than technology to engage team members from all business units”, states Jim Lawrence, VP of Business Continuity and Operations. “There are so many variables at play during an incident, from incident identification and assessment, to engaging legal counsel and external breach experts, as well as notification requirements for all categories of stakeholders. Walking through an incident in a relaxed environment gives participants time to think and ask the appropriate questions, while they are in control, unlike an actual incident when it may seem as if control is held by the adversary or an external party.”

The exercise concludes with an evaluation of the lessons learned and improvements to make in response policies, procedures, and processes, as well as the Information Security Program itself. “Perhaps the biggest takeaway is the realization of the skills gap necessary to build an effective Incident Response Team, allowing time for additional training or building relationships with outsources vendors before the next incident occurs.”

Additional information about Incident Response services including tabletop exercises from CU*Answers is available from the CU*Answers store.