Submitted by CAE Community on

Incident response training is designed to test an organization's ability to respond to a cybersecurity attack. It involves developing a tabletop attack scenario and then running through the incident response plan to determine whether the plan is effective in detecting, containing, and remedying the attack. During the exercise, participants are required to make decisions and take actions as they would in a real cybersecurity attack. The exercise brings together various teams within the organization, including IT, security, legal, and public relations. The goal is to raise an organization’s cyber defense posture by identifying weaknesses or gaps in the incident response plan and to provide an opportunity for the organization to refine and improve its response capabilities. Critical infrastructure cybersecurity attacks have a greater potential to impact multiple organizations that would not typically engage in collaborative activities and incident response training requires participation from external partners such as law enforcement, regulators, and third-party vendors. Community outreach and leadership in education are key tenets of the National Centers of Academic Excellence in Cybersecurity (NCAE-C) mission. NCAE-C Colleges and Universities are uniquely positioned to serve in enhancing communication and collaboration by bringing together entities that would not normally engage with one another. In this presentation, NCAE-C institution representatives from the States of Montana and Colorado will discuss their experience in planning and hosting incident response training for critical infrastructure. We will examine the complexities of bringing together these disparate stakeholders. We will also present the benefits these events bring by enhancing the education of students and the research efforts of faculty.
 

Thomas Gallagher, Gretchen Bliss
Thursday Block II
04:00 pm ~ 04:30 pm
Designation Track
Duration
20