Tabletop Exercise - August 2016

Scenario:

Your organization’s social media website is compromised.

Through public news outlets, an international terrorist group calling themselves the “Rebellion Cyber Forces” has displayed outrage against American politics.  They have publicly claimed the successful cyber attacks on various government organizations. You learn that your organization’s official social media accounts have been compromised and someone is sending out notifications through your social media website to your public claiming that your organization has been compromised by the rebellion cyber forces.

Items to discuss:

  • How would you be alerted if account takeover notifications were being sent from your social media account?
  • What steps will your organization take?
  • Who would be responsible for taking the lead?
  • What policies or practices do you have in place to address the situation?
  • What should staff do?
  • What should management do?
  • What, if anything, do you tell your constituents?
  • How or when would you notify them?

Items to report:

  • Did communication flow as expected? If not, why?
  • Were processes and procedures followed?
  • Were there any surprises?
  • How well did the exercise work for your organization?