Attackers will inevitably penetrate your defenses. The question is how effectively and quickly your current security and response strategies will perform under attack.
One preparation option is to adapt military war games into cybersecurity tabletop exercises. While cyber-war gaming isn’t a new concept, it’s not widely adopted — yet.
What is a cybersecurity tabletop exercise?
Cyber-war games are designed to provide a real-time look into how a company would defend against and respond to an attack. Red teams use the same tools as attackers to identify weaknesses in a company’s security strategy. The blue team, meanwhile, works to prevent any successful penetration by the red team from getting far into a system.
These tabletop exercises are about more than just penetration testing and trying out attack methodologies, however.
“Because the goal isn’t the same as with a vulnerability scanner or a pen test, it’s not going to be the same; you’re not going to get the same type of results you would get from there,” said Ken Smith, national lead for cyber testing at consulting firm RSM US.
Rather, cyber-war games provide insight into the state of readiness of a company’s…
