This week I participated in a simulated cybersecurity incident exercise—a tabletop War Game—with Austin’s chapter of the Information Systems Security Association. Participants in the War Game each represented parts of a business responding to a cyber incident, including the C-suite, Legal, Engineering, Public Relations, and Customer Service (I played the General Counsel). We were given the facts of the incident real-time as they “happened” and we responded real-time with recommended actions and advice. The audience played the role of the general public, peppering us with customer complaints and investor questions to complicate our deliberations and actions. Read more