Menu
Open Search

Information Technology (IT) and Information Security (IS) grow increasingly complex as new technologies and tools are deployed to maintain the confidentiality, integrity, and availability of networks and data while enabling business operations. In response, threat actors are constantly evolving the tactics and techniques used to carry out attacks. To effectively secure environments, it is critical that security teams fully understand their own attack surface while staying up to date with the ever-changing threat landscape. To help address this complex problem, SC CIC began providing Cyber Readiness Exercises.

Cyber Readiness Exercises are engagements designed to assess and improve an organization’s ability to detect, respond to, and recover from the various types of attacks that pose risks to them in their environment. 

Attack scenarios are presented to participants that simulate real-world cyber threats and challenges, allowing teams to enhance their defenses by:

  • Testing their incident response plans
  • Identifying weaknesses
  • Evaluating technical security controls

These exercises also facilitate collaboration among different departments, promoting a cohesive and synchronized response to potential cyber incidents which can improve reaction time during actual attacks. Because of the adaptable nature of these exercises, they can be tailored to benefit a wide range of organizations, from providing essential learning opportunities for novice security teams to challenging security experts with advanced simulations and attack emulations.

After completion of the exercise, participants receive a comprehensive report that outlines the results. This report includes an Executive Summary to highlight exercise objectives, major findings, and high-level recommendations for organizational leadership. It also includes an analysis of exercise results, including an assessment of the organization's cybersecurity maturity on a scale, a breakdown of cybersecurity maturity at each phase of the incident response process, and identification of specific areas where security is lacking. Each aspect of the exercise includes a score so that improvements can be objectively verified over time. Also contained in the report are recommendations on how to strengthen capabilities for each skill exercised. These engagements give SC CIC unique visibility into the environments of critical infrastructure organizations and sectors across the state.

readiness exercise graphic

 

If you represent a critical infrastructure organization and are interested in any of the SC CIC services, please complete the Join SC CIC form here.

Need to report an incident?

If you are a South Carolina critical infrastructure organization experiencing an incident, report it here.