The Cyber Incidents Handling Exercise was organized by Cyber Security Zone under the initiative Cyber Security of Pakistan and headed by Cyber Security Expert Muhammad Asad Ul Rehman. IT Experts from various Government and Private Departments participated and discussed their cyber-related issues. The Purpose of the Exercise was to prepare them for how to instantly respond and mitigate cyber incidents.
Cyber-attacks are steadily increasing year by year. Organizations are constantly under threat with over two-thirds experiencing data breaches. Consequently, cyber security preparedness and resiliency are becoming increasingly important to the protection of an organization’s information. One way of improving the ability to handle cyber-attacks is by conducting cyber security exercises.
Cyber security exercises are simulations or tests of some nature, based on a cyber-attack scenario. They test the organization’s ability to detect, investigate and respond to cyber-attacks in a timely, effective, and secure manner. The results of a cyber security exercise could help the organization to identify the areas of improvement in their technology and technical staff.
What is “Cyber Incidents Handling Exercise”?
A cyber security exercise is a hands-on training event to test how an organization detects and responds to information security threats in real time. These threats include unauthorized disclosure, transfer and accidental or intentional modification or destruction of information, including security breaches, stolen information and inability to provide Internet services during an extended systems outage.
Evolution of Exercise:
Scenario planning, simulations and exercises are not new concepts. Armed forces have found tangible benefits in running ‘war-gaming’ exercises for thousands of years. They learn from their experience in a safe manner so that in the event of conflict they know how to react and what to do. The same preparatory concepts have evolved over time and can be adapted to the information age in the form of cyber security exercises. These exercises help to train participants, improve processes (e.g. cyber-attack handling and incident response) and highlight technology that needs updating or replacing.
Participants were from:
- E-Library, Bahawalpur
- Directorate General Public Relations
- Punjab Emergency Service Rescue 1122
- Police Khidmat Markaz
- NRSP Microfinance Bank Limited
- Vocational Training Institute
- University of Central Punjab
- National College of Business Administration & Economics
- Laptop Land
- The Citizens Foundation School
Covered Topic:
- Backdoors
- Denial of Service (DoS)
- Digital Denial of Service (DDoS)
- Exploits
- Social engineering
- Adware
- Bots
- Rootkits
- Spyware
- Trojan horse
- Bluesnarfing
- Keylogger
- Phishing
- Ransomware