2019 Cybersecurity Incident Response Tabletop Workshop

In partnership with Intrinium, Splunk and KAI Partners, the California Community Colleges Chancellor’s Office (CCCCO) executed an Incident Response Tabletop Workshop on Wednesday, October 30, 2019.

The following outlines a sample portion of the scenario and important points to consider. For the full presentation and more information, please download both the Powerpoint presentation and Incident Response Playbook.

Sample Scenario:

A department manager calls and says they didn't realize that an email they opened was a phishing attack and opened an Excel attachment on it. Nothing seems to be wrong with their system, but they wanted to let help desk know.

• Do you know what this user has access to?
• Can you determine what the malicious file is doing?
• What do you do to the user’s system?
• Can you determine if any other users opened the attachment?
• Can you monitor if the user’s credentials have been compromised?

The CCCCO intends to bring additional scenarios to the system on at least an annual basis.