Risk Masters International, LLC.
  • Home
  • Solutions
  • Training
  • Expert Network
  • Cyber
  • References
  • Contact
  • More
    • Home
    • Solutions
    • Training
    • Expert Network
    • Cyber
    • References
    • Contact
Risk Masters International, LLC.
  • Home
  • Solutions
  • Training
  • Expert Network
  • Cyber
  • References
  • Contact

Cyber

Cyber Recovery Table-Top Exercises

Cyber attacks are a real and vital threat to organizations' continuity of operations and security of information. Many have prepared technical response plans, but many companies have not, and fewer still have developed Business Continuity Plans to keep operations going should an attack occur. Testing, at this point, is often an afterthought.


Risk Masters International has developed a program to test Cyber Recovery for both organizations with plans and those without.

System Protected

Preparedness Testing for organizations that have developed a Cyber Recovery Plan:

  • Test the comprehension of the plan by recovery participants
  • Identify gaps and inconsistencies in the plan
  • Measure the speed of recovery and identify ways to improve it
  • Compare probable recovery timing with Recovery Time Objectives
  • Validate the potential effectiveness of the plan

Technology

Diagnostic assessment for organizations that have not yet developed a Cyber Recovery Plan:

  • Identify strengths and weaknesses in the current level of preparedness to recover
  • Assign roles and responsibilities for developing a plan and for carrying it out
  • Determine the speed of recovery and identify ways to improve it
  • Compare probable recovery timing with Recovery Time Objectives
  • Build an on-going preparedness and recovery capability


These Table-Top Tests, conducted in a safe conference room setting, simulate various attack scenarios that cannot be carried out in a "live" manner. The scope of the tests includes:

  • Organization for preparedness and recovery from cyber attacks
  • Recovery from theft of information, including privacy ramifications
  • Recovery from destruction of application software and data
  • Recovery from ransomware attacks

Clients may choose to conduct as many tests as they like from among the following modules:

Employees talking to each other

Business Response

  • Preparedness – Business Response
    • RTO and RPO reconsideration
    • Web site defacement recovery
    • Cyber-focused organization
    • Business preparations and exercising


  • Theft of information
    • Organizational decision making and response
    • Privacy breach response
    • Management communication
    • Technical repair


  • Destructive attack
    • Technical recovery time estimate
    • Determination of business impact
    • Communication with customers
    • Reconstruction of lost information


  • Ransomware attack
    • Backup and storage strategy
    • Validation of backups
    • Business decisions
    • Technical recovery

A man talking to a client

Technical Response

  •  Preparedness
    • NIST Cybersecurity Framework Assessment
    • Hardware and software updates
    • Cyber organization
    • Drills and tests


  •  Theft of information
    • Identification of an attack
    • Measurement of loss
    • Management communication
    • Clean-up


  •  Destructive attack – Technical Response
    • Recovery in Place
    • Reconstruction of data and software
    • Elimination of Advanced Persistent Threats (APTs)
    • Validation of accuracy and completeness

 

  • Ransomware attack
    • Backup and storage strategy
    • Validation of backups
    • Business decisions
    • Technical recovery

Contact: Steven Ross, (917) 837-2484, stross@riskmastersintl.com

Copyright © 2020, Risk Masters International, LLC. All Rights Reserved.

Powered by