Evaluate and test these plans every year
An established plan is the first step, but by putting it to the test during an annual drill, you can make real improvements.
Test your plan with a fictional incident but treat it as if it were real. Inform your management as well as your communication staff of this drill. Observe the staff’s response (or lack thereof).
- Cyber exercise playbook: https://www.mitre.org/sites/default/files/publications/pr_14-3929-cyber-exercise-playbook.pdf
- National exercise handbook: https://www.enisa.europa.eu/publications/national-exercise-good-practice-guide