Slashdot Mirror

← Back to Stories (view on slashdot.org)

Do We Need Regular IT Security Fire Drills?

Posted by Soulskill on from the clearly-we-need-something-involving-fire dept.

An anonymous reader writes: This article argues that organizations need to move beyond focusing purely on the prevention of security incidents, and start to concentrate on what they will do when an incident occurs. IT security "fire drills," supported by executive management should be conducted regularly in organizations, in order to understand the appropriate course of action in advance of a security breach. This includes recovering evidence, identifying and resolving the root cause of the incident (not just the symptoms), and undertaking a forensic investigation.

1 of 124 comments (clear)

  1. Nope by sexconker · · Score: 4, Interesting

    Just like real fire drills, they're pretty pointless and no one takes them seriously because there's no fire.
    So you either have a fruitless exercise that costs money because of all the interruptions, or you have a semi-fruitful exercise that costs a lot of money because of the extended interruptions caused by trying to simulate a real event.

    The latter will marginally improve the response to an actual incident. Neither will fly, because they cost money and aren't mandated by law.