Real Life War Games: Avoiding the High-profile Mega Breach

It is not when the incident occurs, but a matter of time.

• Users are biggest risk. Are we over compensating in IT for what we are doing as a company?
• Incident management – if you know you are going to have a breech, how do prepare? How do you test for it? If you know the business is out of control – how do you manage your teams? 
• Test, test, test… you can never test enough.  Blind tests that only senior management knows about, phishing tests, just keep testing.
• Business continuity
• Communications – how do you communicate out to your users, senior leadership?  You cannot do it enough.  You are the trust factor. You want the information to come from you.