Baker Tilly’s fourth webinar in the attack surface management series discusses how leading organizations manage their attack surface by testing their cyberattack prevention, detection and response capabilities.
We examine two beneficial testing activities often overlooked by organizations:
- Cybersecurity attack simulation – Organizations are constantly being probed by external and internal threat sources for exploitable security weaknesses that could result in system compromise and/or a data breach. Cybersecurity attack simulations test an organization’s preparedness to prevent and detect intrusive activity that targets organizational networks, systems and applications as well as staff, contractors and trusted service providers. Additionally, simulated attacks can be used to test the sufficiency and effectiveness of incident response plans in containing, eradicating and recovering from a cybersecurity attack.
- Cybersecurity breach simulation – In today’s world, organizations need to assume that their cybersecurity will be breached and a data loss event will occur. A breach simulation guides executives and first responders through realistic scenarios to test the sufficiency and effectiveness of breach response plans in addressing crisis response, breach containment, customer and business partner notification, interaction with law enforcement, regulatory compliance, internal/external communication and public relations.
Key learning objectives
- Identify the difference between cybersecurity attack simulation, vulnerability scanning, vulnerability assessments, penetration testing and continuous monitoring.
- Illustrate how to plan and conduct a cybersecurity attack simulation.
- Summarize the difference between incident response and breach response planning and testing.
- Describe how to plan and conduct a cybersecurity breach simulation.
Who should watch?
- Internal audit executives, directors and managers
- Information technology executives, directors and managers
- Information security executives, directors and managers
"During Baker Tilly’s May 2, 2018, webinar, Using cybersecurity attack and breach simulations to manage your organization’s attack surface, 17 percent of polled respondents indicated they are aware their organization does not have an established incident response plan in place to address a cyberbreach."