NTCA had continued to keep our eye on critical issues for our membership and that most certainly has included efforts and tools to protect their broadband networks and the networks that they manage through our CyberShare program, the only ISAC devoted to the small broadband provider sector. That sometimes feels like a great deal of responsibility but that is also the reason why it was so gratifying to have our team and our CyberShare program host an industry-wide ransomware attack exercise for all small broadband providers across all sectors. In the spirit of sharing how the exercise went and lessons learned, the best way I can do that is sharing the words from our own Lauren Gaydos, NTCA's Public Relations Manager, who observed our hosted events and had posted the following blog. As always, I see no reason to reinvent the wheel when our own NTCA team has already shared so well:
CyberShare's "Breached!" Virtual War Game Asks, 'What Would You Do' in a Cyber-Attack
It’s a nightmare scenario that is becoming all too common these days: A company gets an email from a hacker saying, “We have stolen all of your customers’ data, and we will be releasing it unless you pay us a ransom by noon tomorrow.”
What do you do?
Small telecommunications providers have a vested interest in keeping their networks safe, and the need for strong cybersecurity measures has only heightened during the COVID-19 pandemic. CyberShare: The Small Broadband Provider Information Sharing and Analysis Center (ISAC) works every day to keep networks run by small broadband providers safe by collecting and disseminating real-time threat information, indicators and mitigation strategies from a variety of public and private sources and facilitating communications among participants.
During two free sessions on December 3 and 9 due to overwhelming demand, CyberShare partnered with Booz Allen Hamilton, as well as NTCA, ACA Connects, the Competitive Carriers Association, NRECA, the Rural Wireless Association, Telcom Insurance Group, NRTC and WISPA to host Breached!, an interactive wargame exercise to simulate how to respond to a cyber-attack. More than 150 participants from small network providers spent four hours working in small groups to walk through a real-life scenario—what happens when your network is breached?
In the pretend scenario, a small telecommunications provider that has seen an “uptick in malicious cyber activity” experiences a network breach despite efforts to continually patch its systems. The company has an incident response plan and insurance, but it has never experienced a big hack. Participants worked together to answer important questions, such as: What are the greatest risks during a cyber-attack, and how do you mitigate them? What decisions are required of executives during a cyber-attack? When do you engage with outside counsel or the government? And how do you manage internal and external communications?
Participants role played different positions on a crisis management team to step into the shoes of the communications lead, the general counsel, the HR representative, the executive, the IT team, and more. Broadband providers need to be able to respond to a cyber-attack at a moment’s notice and being prepared to look at the problem from all angles is invaluable.
Breached! participants said they found the exercise extremely helpful.
“This exercise was very engaging and an eye opener for me,” said Daniel Hernandez, information security analyst at Pioneer Telephone Cooperative, Inc. (Kingfisher, Okla.) “I believe that having an example of how to properly execute a table top exercise will help our security team create a similar learning experience for our executive team and engage them in preparing our organization for the cyber-threats we face.”
NTCA members who want to continue strengthening their cybersecurity posture can join CyberShare to access threat information, indicators and mitigation strategies from a variety of public and private sources and benefit from communications with other broadband providers. Working closely with industry partners, the federal government and other stakeholders, CyberShare helps small broadband providers recognize, analyze and respond to vulnerabilities, threats and other risks. To learn more, visit www.cyber-share.org.
