When we launched Rackspace Managed Security in 2015, we included everything needed to deliver on our promises — such as a state-of-the-art Customer Security Operations Center (CSOC), certified security analysts and proven processes.
But Daniel Clayton, Director of Rackspace Managed Security, had one concern. How would his team respond under the stress of a major cyber event? Or two major cyber events occurring simultaneously? When the adrenaline is rushing, would they be able to deliver?
Although he had confidence in his team and the operations they had built, he couldn’t prove how they would respond. As a new organization, they had no historical track record to lean on.
So Daniel reached out to EY for assistance. EY Principal and Cybersecurity Leader Sean Wessman and his team created a series of exercises that would test Rackspace Managed Security’s operational maturity and effectiveness — as well as its ability to deliver under pressure.
These exercises followed three phases:
Phase 1: Extended Tabletop
In this phase, the team tabletops a hypothetical breach that poses a risk to Rackspace Managed Security, in order to identify and assess communication processes and stakeholder coordination.
Phase 2: Collaborative Hands-On Exercise
Next, the team walks through attack scenarios, broken down by phases of the attack lifecycle. During this live practice, Rackspace management leaders only observe — to help ensure that everyone knows their role, without relying on their managers.
Phase 3: Integrated Sustained Global Simulation
In the final phase, the team experiences a simulated, global pervasive cyberattack, over several days. The exercise simulates an actual event as closely as possible, and tests all aspects of the cyber response under highly stressful circumstances.
EY’s testing has been so effective in increasing his team’s operational maturity, effectiveness and resiliency, Daniel plans to make it part of the Rackspace Managed Security annual training cycle.
Hear all about this journey from Daniel and Sean themselves, in this recording from Rackspace::Solve NYC 2017. They discuss the testing cycle in detail and explain how it helps Rackspace Managed Security be even better prepared to respond to cyberattacks