Information Systems Security Association Los Angeles
Los Angeles Chapter, Cybersecurity, InfoSec, CISO, Privacy, Risk
RSVP: https://www.eventbrite.com/e/issa-la-jan-18-2023-dinner-meeting-tickets-488238262787
Interested in Sponsoring this event? Please visit:
https://www.eventbrite.com/e/issa-los-angeles-dinner-meeting-sponsorship-tickets-30906710804
Organizations have IT Plans, such as Contingency and Cybersecurity Incident Response Plans, so that they can respond quickly and efficiently to unexpected events. Not only should these plans be reviewed, evaluated, and tested frequently, but the personnel and business processes involved should also be trained, evaluated, and tested to ensure that they are able to fulfil their roles and responsibilities as established by the IT Plan. These outcomes are an essential part of an organizations’ Test, Training and Exercise (TTE) Program.
Tabletop exercises are one of the methods used to evaluate an organizations’ plan as part of the TTE Program. Tabletop exercises are typically Facilitator led, discussion-based sessions where team members meet in an informal, classroom/meeting setting to discuss their roles, responsibilities, and responses during an event. These sessions are also used to clarify roles and responsibilities and to identify additional response and preparedness needs. Often, Tabletop exercises are performed in an ad-hoc manner and are not part of a larger TTE Program. Following the 5P principal (Prior Planning Prevents Poor Performance) organizations can increase the efficiency and effectiveness of response actions and identify gaps or deficiencies within the Plan being exercised. Properly planned Tabletop exercises include identifying topic, scope, objectives, participants, facilitators, developing the exercise materials, conducting the exercise, performing an after-action review, and publishing an improvement/sustainment plan.
A successful Technologist and Cybersecurity Leader with broad experience Federal, State, Municipality and Aerospace, Eric Barricklow has over 25 years of developing and aligning Security programs with organizational needs by developing a deep understanding of the business, assessing potential operational impact, and participating in or driving organizational change. He is passionate about ensuring that security is “part” of the business and not just enabling it.
As a trusted advisor, Eric listens to and works with the business in order to develop a proper and relevant security program based on threats to the business. Eric has built a reputation of developing high-performing teams by emphasizing mentoring, coaching, and creating safe environments to develop experience through focusing on professional and personal development as well as broadening business acumen.
Thank you to our sponsor: