Shall We Play A Game?
WarGames circa 1983, for those of you reading this that were not born at the time…. Netflix. I won’t spoil it for you but that movie is what I think about when I hear “wargaming” which is the process of simulating an attack. This is something everyone who has an incident response plan should do, just to run through what could happen when an incident happens. It is meant to test your resilience, your ability to recover.
There is of course nothing that can simulate every scenario you may go through, but that’s why it’s called a game. Interesting enough, I use to make my teams run through seeming benign activities, as “prove it exercises,” that was just something I picked from our daily activities that I would press the button and make them prove to me that it was NOT an incident. This kept the incident response teams on its toes and exhaustive in their investigation because they they were never really sure if they would be asked to prove it!
It is that time of the year, where things go bump in the night, you know, freeze time, when nothing is supposed to change. I have received plenty of incident calls between Thanksgiving and New Year’s Day. When staff is out on holiday and no one is really doing anything. Believe it or not Hacker’s don’t care! It is the perfect time for an executive leader to pull the wool over someone’s eyes and spring a wargame when everyone is focused on holiday shopping. :-)
Come on, let’s play!