The Sullexis Blog
Cyber Wargames – Corporate Policy or XBOX Title?
The use of military analogies in cyber security is often overdone. That isn’t to say that working on security day in and day out doesn’t sometimes feel like a battle is being waged. There is one bit of military-esque terminology that probably should be used more, not less: Wargames. Using a term like Wargames lends some gravitas to an often-overlooked need in security practices and IT in general: the need to take all your plans and put them to the test on a regular and realistic basis.
Put simply, when a security crisis arises (and it will) you don’t want that to be the time you find out your plans aren’t adequate, you are missing key pieces of information, and no one knows exactly what their responsibilities are in the firefight. If you can’t bring together the right team quickly, you lose valuable time in stopping or containing a breach. The amount of time spent halting a breach could be the difference in keeping your job. A mock exercise shouldn’t just involve the technical resources. You need PR teams to take in the information and provide clear communication, business people to understand potential impacts to how they get their jobs done, and executives to witness just how far-reaching those impacts can be.
True Wargames are time-consuming and have a real cost, but weigh that against the average cost of a major breach that wasn’t found early, and those costs seem insignificant. The harder variable to manage is getting the right team together with time to fully go through the exercise. Try to work these sessions into company-wide meetings or lulls in your quarterly schedule to drive the most participation possible. Ideally, you will conduct one of these sessions each year, with smaller IT and Security reviews of the plans and policies on a quarterly basis.
Often it is difficult for an internal team to organize and run a Wargame exercise on their own. Bringing in an outside company to run the event can also lend credibility to the scenarios and results that you report out. You may even consider having an external Red Team that attempts simulated breaches unknown to the internal team during the Wargame. Making the test as realistic as possible is key to finding out what you do well and where you need to improve. To discuss getting your game on, contact Sullexis, and we can help you plan the best test of your security platform.