Lisa Forte talks about table-top exercises on Mimecast’s Phishy Business

Written by: Piers Shearman

Categorized: Blog

Listen to the episode here: Listen on Spotify

Episode Description: In this episode of Phishy Business, we take a look at cyber crisis exercises and insider threats. Our special guest is Lisa Forte, an expert on running cyber crisis exercises and training high-risk staff on insider threats and social engineering, who was named one of the top 30 female cybersecurity leaders by SC Magazine. Lisa works hard to simulate cybersecurity disasters for organizations in order to train them in how to deal with real-world cyberattacks. Lisa shares her insights on cyber crisis exercises and preparing organizations on how to handle cyberattacks as well as how to prevent insider threats. In ‘Actors, tabletop exercises, and insider threats’ we discuss:

The fact that 70% of organizations in EMEA do not have a plan for dealing with insider threats despite it being a growing risk.

How insider threats can be both accidental and malicious, different ways to look at the term “insider threat”, and some of the factors that may play into people becoming insider threats.

How to balance fear and empowerment to get every employee to care personally about an organization’s cybersecurity, and how cybersecurity needs to be marketed internally to people across the organization.

Some of the creative ways to use role-playing and acting in cyber crisis exercises to make simulations as real as possible, which is key to educating teams in dealing with cyberattacks.

Top tips for getting started with a plan to deal with insider threats and cyberattacks and the importance of explaining to key personnel that just having backups really is not a solid plan for dealing with today’s threats.

The importance of a happy workforce, properly and legally monitoring for insider threats, and tech-for-good and cybersecurity-for-good initiatives.

Why CISOs might benefit from rock climbing

Listen to the episode here:

About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts.

Related Content