WEEK 9
DISCUSSION A : CYBER CRISIS TTX -INCIDENT MANAGEMENT
DISCUSSION
This discussion relates to this week’s Cyber Crisis Incident TableTop Exercise.
Evaluate the incident response actions taken by Jill Bradley, the CTO in terms of
Identification of the Incident – Did Jill ask the right questions to her staff and other subject matter experts to get a clear understanding of the situation?
Assessing and Understanding the risks associated to the DDoS attack and properly communicating these to senior management.
Directing the correct incident response actions as the incident progressed.
Maintaining command and control over the incident response operations.
Maintaining proper lines of communication.
If you were the CTO and had to manage this incident what would you have done differently?
ENGAGEMENT EXPECTATIONS
*Note, due to the tabletop exercise this week, your intial post is due on Friday instead of Wednesday to allow more time for reflection.
First post due: Friday by 11:59 p.m. each week
Second post due: Sundays at 11:59 p.m. each week. You should comment on at least 2 of your peer’s posts.
WEEK 9
DISCUSSION B : ORGANIZATIONAL RISK MANAGEMENT
DISCUSSION
This discussion relates to this week’s Cyber Crisis Incident Tabletop Exercise.
Evaluate the actions taken by the CEO and other executive board members during the incident in terms of organizational risk management.
Did the CEO and other board members effectively identify and manage the organizational risks during this incident?
What KPI’s and KRI’s where referenced during the conversations between the CEO, Board Members and the CTO?
What was the risk appetite of the CEO and the Board Members? Was there any evidence of a formal incident response plan or risk action plan?
If you were the CTO in this situation, what factors would you have needed to make the decision to order an emergency shut down of the order processing system?
What are some of the acceptable risks and consequences in ordering the emergency shutdown?
ENGAGEMENT EXPECTATIONS
*Note, due to the tabletop exercise this week, your intial post is due on Friday instead of Wednesday to allow more time for reflection.
First post due: Friday by 11:59 p.m. each week
Second post due: Sundays at 11:59 p.m. each week. You should comment on at least 2 of your peer’s posts.