SITUATION
A major real estate investment trust approached FTI Cybersecurity for a tabletop exercise to test the company’s internal incident response preparedness protocols. The exercise evaluated the decision-making processes of the senior executive team and the preparedness of technical practitioners and operations management.
OUR ROLE
FTI Cybersecurity reviewed the client’s existing tools, technologies, policies, and procedures to develop a custom scenario to best evaluate the client’s procedures. To test the incident response preparedness of technical practitioners, FTI Cybersecurity simulated phishing emails, a third-party compromise, a backup compromise, and a ransomware attack. The client was tasked with discussing the tools in place to streamline an investigation, and the training necessary to mitigate risk. They were also asked to identify the workflows and coordination tasks triggered by the attacks and how to coordinate with the CIO and Director of Cybersecurity.
The decision making of the senior executive team was evaluated through issue-based discussions determined by the client’s incident response plans and workflows. A situation was presented to the senior executive team explaining the progression of the attacks. The client discussed who would be notified, the immediate concerns, and the considerations for paying the ransom.
OUR IMPACT
After the exercises, the client participated in discussions regarding strengths and areas for improvement. The FTI Cybersecurity team worked with the FTI Strategic Communications team to identify weaknesses in the client’s processes and procedures and made specific tooling recommendations to best assist the client with their vulnerabilities. The client was satisfied with the evaluations, and the recommendations have helped them improve their cybersecurity procedures and strengthen their protection measures.