Cyberpractice: Creating and Conducting Cybersecurity Exercises for the Organization: Cybersecurity Best Practices
Peer Reviewed
Date issued
November 2022
Subject
Cybersecurity;
Best Practices;
Knowledge;
Cybercrime;
Virtual Reality;
Auditing;
Learning
JEL code
C83 - Survey Methods • Sampling Methods;
C90 - Design of Experiments: General;
C92 - Laboratory, Group Behavior;
C93 - Field Experiments;
D70 - Analysis of Collective Decision-Making: General;
D78 - Positive Analysis of Policy Formulation and Implementation;
D80 - Information, Knowledge, and Uncertainty: General;
D81 - Criteria for Decision-Making under Risk and Uncertainty;
H12 - Crisis Management;
K24 - Cyber Law;
M10 - Business Administration: General;
M15 - IT Management;
M53 - Training;
O20 - Development Planning and Policy: General;
O21 - Planning Models • Planning Policy
Country
Israel
Category
Learning Materials
This guide presents the principles and rules for planning, creating, and conducting cybersecurity exercises, and the process of learning lessons from them. The document also discusses annual and multi-year exercise programs, intended to be used by organizations in their overall effort to maintain, preserve, and promote their cyberresilience. The guide is divided into two sections: the first describes the conceptual basis, while the second focuses on selected issues, helping put theory into practice. This publication is part of the "Cybersecurity Best Practices" collection, a compendium of practices, methodologies and recommendations in cybersecurity oriented to organizations, developed by the Israel National Cyber Directorate (INCD), and adapted in this series by the Inter-American Development Bank (IDB), with the objective of facilitating access to this body of knowledge throughout the Latin American and Caribbean region.
