Nacha’s Payments Innovation Alliance, a membership program bringing together diverse global stakeholders to transform the payments industry by cooperatively developing solutions, staying ahead of trends and unlocking the potential of the payments ecosystem, released a new tabletop exercise to help small to medium-sized businesses prepare for a cyberattack. The exercise is being offered as part of the Alliance’s Cybersecurity Awareness Month activities.
Developed by the Alliance’s Cybersecurity Response Project Team, the objectives of the tabletop exercise are to increase organizational preparedness, response, and recovery efforts related to cyberattacks; advance the understanding of management and key internal and external stakeholders; provide actionable approaches for leadership to direct and bolster the organization’s resilience and identify enhancements requiring attention from company leadership. The exercise also establishes a framework for compliance by fostering an understanding of the laws, regulations and rules that apply, making it easier for participating companies to implement programs that can address their obligations.
“One of the first possible steps for a business to address cybersecurity resilience is to conduct a role-playing activity in which participants respond to scenarios presented in a way that educates the participants on how to respond to a cyberattack and informs the company on areas where its cybersecurity response plan can be enhanced,” said Jennifer West, AAP, APRP, Nacha’s Senior Director, Payments Innovation Alliance, Education & Accreditation. “A scenario can be used to gauge an organization’s readiness, uncover opportunities for remediating issues and create an action plan while there is not a real, immediate cybersecurity threat. The Alliance developed this free tabletop exercise kit so medium and small-sized businesses can adequately prepare for the growing likelihood of a cyberattack.”
The kit includes the Tabletop Exercise Leader’s Guide for facilitators, which covers planning, conducting and evaluating the exercise and responses and provides a framework that can be adaptable to a variety of cybersecurity threats. It also includes a Cybersecurity Scenario, containing a set of facts for the exercise, which can be customized by the company as appropriate, a Discussion Points Workbook for facilitators and a Participant Workbook for capturing notes during the exercise.
SOURCE: Businesswire