
Bug Out Planning: Preparing for Disaster in Cybersecurity and the Real World

How to Stay Calm and Handle Cybersecurity Threats Like a Pro

I was listening to an excellent episode of the Art of Manliness on the topic of survival, and I was struck by the similarities with the cybersecurity world.

We are witnessing disasters more and more, along with the real-life necessity of preparing for them. Are we doing the same in our cybersecurity world?

San Francisco city skyline during 2020 labor day fires

It All Starts With Mindset

Amazingly, aside from the technical skills needed to survive a disaster, the guest mentions how mindset and soft skills are some of the most important and necessary skills required for survival. 

For example, panic and hopelessness will decrease your ability to survive, so the idea is to have a mindset that prevents them.

Cybersecurity Survival Mindset

From a cybersecurity perspective, staying calm in order to assess a possible threat or exploit rationally is super important. Jumping to conclusions too early, without doing the necessary investigation or following the incident response plan, can cause you to lose credibility. Conversely, waiting too long or ignoring true positive signals can also get you fired. Welcome to cybersecurity.

Having A Bug Out Plan

Another part of being prepared for a worst-case scenario personally is having a “Bug Out” plan. This is a plan for when you have to evacuate the area immediately, with 10 minutes to get out.

This can include:

  • Full tank of gas in your car

  • 72 Hours of food and clothing

  • First-aid kit

Cybersecurity Bug Out Planning aka Disaster Recovery & Business Continuity Planning

In the cybersecurity world, this is called Disaster Recovery (DR) and Business Continuity Planning (BCP). These are separate initiatives, but closely associated. For example, you would need to cover:

  • What happens if you have to evacuate HQ?

  • What if a hurricane hits your off-shore call center? Do you have a backup? Are you willing to bear the downtime?

  • What happens if Twilio is down and you rely on them for your services?

  • What if the exec team is unavailable? Who is authorized to make decisions and when?

The list can be really long, but you get the picture.

War Games

Ok, great. You have a plan. You have a go bag, and you’re all prepared. You have fire extinguishers, and fire ladders at the home, awesome work!

However, does your family know where everything is and what to do with it? Are they trained? Did you go over it a few years ago and expect them to remember, especially under duress? 🤔

The best training is to walk through a scenario, otherwise all that planning might as well be useless. Additionally, as with all training, the message needs to be repeated often.

Cybersecurity War Games - Tabletop Exercises

Same thing goes for cybersecurity. Having a good plan is awesome, but just like GI Joe used to say, “Knowing is half the battle.” As a social species, we often learn best through doing.

This is where going through an actual exercise or simulation will be tremendously beneficial for your company. Here are some benefits:

  • Getting everyone on the same page regarding how threats can emerge and be handled

  • Working out kinks or bugs in your incident response plan

  • Educational opportunity for your team to learn the plan, get to know each other, and get familiar with working together in a low-stress environment

For example, who is actually in charge during a crisis? It may not actually be the CISO, depending on the reporting structure. Whoever it may be, can they make a sound decision in line with industry expectations?

Even from a technical perspective, can you imagine thinking you have all backups in place and working, but find a technical issue with your restore process that doubles restore time, impacts your data architecture, or worse… makes it impossible to restore??

Conclusion

While survival skills in the wilderness and cybersecurity may seem different, they share many similarities. Both require the right mindset, preparation, and planning ahead for worst-case scenarios. In the wilderness, you must prepare for harsh weather, wild animals, and getting lost. In cybersecurity, you must protect yourself against cyber attacks and data breaches. To face these challenges, you need to be calm, resourceful, and adaptable. Proper preparation and planning ahead are essential in both. With training and effort, you can develop these skills and be better equipped to handle challenges.

I hope you found this article helpful and informative. Do you have any questions or feedback? Let me know and I'd be happy to discuss!
