Drills and exercises for IT crisis management
-
When conducting drills and exercises, it is important to distinguish them from day-to-day business and set the desired responses and behaviours in motion quickly. To prevent any type of delay, the trigger must be so huge that actors are forced to take action fast. Drills and exercises are also designed to push actors and capacities to their very limits in order to identify weaknesses and expose problems.
As a rule of thumb, based on empirical data, everything should be 'three times as serious/intense' as it would be in a standard crisis situation. However, scenarios must always remain plausible even under these conditions. They are therefore based on real situations, but on ones that would only be possible in very specific circumstances ('artificial exercise scenarios'). In public, however, the mistake is often made of conflating these scenarios with real situations.
-
Sometimes, drills and exercises need to be completed that involve a very specific scenario, the handling of a special situation or a specific trigger (e.g. response to a bomb threat, measures in the event of a malware attack).
But generally, the goals of an exercise are specified first. In order to achieve these goals, possible stories are found as triggers that are intended to initiate the desired behaviour (e.g. checking the communication relationships, crisis response mechanisms, etc.). The scenario is therefore the story that "packages" the goal or the desired behaviour, and that triggers it, explains it or ensures that it is plausible.
-
Scenarios are designed to help people immerse themselves in a particular situation within the artificial environment of drills and exercises. They provide participants with a specific issue that they then have to think about solving and respond to by taking appropriate action.
A distinction needs to be made between whether the scenario and the warm-ups are part of the exercise (situational assessment based on individual accounts, response to previously practised events, etc.) or whether they are simply an aid to fleshing out the overall situation, with other matters being the subject of the exercise itself.
For example, the scenario might be 'a power failure', but the aim of the exercise is to review communication relations and their operational readiness. The trigger can be 'packaged' in a short narrative, but in this case the cause of the failure is not actually important, because it is the consequences we are interested in. However, it is easier for participants to understand the exercise if they are given a reason for the power failure, for example, a lightning strike, arson, accident involving a road tanker or similar incident.
-
There are various types of drill and exercise, depending on the objective. These include:
- Technically oriented drills such as contingency planning tests (evacuations, restarts, power failures, etc.)
- Communication exercises, which focus on optimising the flow and transfer of information between the various stakeholders (example: Cyber Europe 2010). This category also includes a number of special cases, such as the following:
  - Communication reviews: this involves activities such as checking whether contact directories are up-to-date and whether contact is made with the right individuals in a crisis
  - Alarm drills: these check aspects such as response time in an emergency <COMCHECK and ALEX>
- Planning meetings, where procedures and measures are worked through and discussed only as a 'table-top' exercise (example: Cyber Atlantic 2011)
- Incident command staff exercises ('strategic command exercise'), in which these command structures identify a specific scenario, and discuss, plan and make decisions about the necessary measures but without actually implementing these decisions (example: LÜKEX 2011)
- Full-scale exercises, where everyone from the command staff through to the emergency care workers and local experts acts out their roles as they would for real (e.g. disaster relief exercises, railway accidents, tunnel evacuations, etc.). This type of exercise is often made possible only by investing a great deal of time and resources.
-
Drills and exercises offer the opportunity to identify gaps, weaknesses and flaws in a safe environment and without the consequences of an actual crisis so that contingency planning can be improved. In drills and exercises, mistakes are expressly permitted as they help to develop and optimise procedures, processes, measures and decisions.
This means drills and exercises primarily serve to "improve and develop the system", "train, inspect and check" and "develop new concepts".
Another important part of all drills and exercises is the effect of raising awareness of the subject of the exercise, as well as of procedures and of the organisation of processes and responsibilities.
-
As a general rule, every drill is a success if all of those involved in the preparation and execution of the drill treat the scenario as real and respond to it seriously.
The drill is doomed to failure if the scenario is so implausible that the trainees simply do not accept it, and hinder its aims and objectives. The drill is a safe environment, in which errors may be made, and where processes and procedures can be tested and may fail to work as intended. Identifying these is a precondition for ensuring that processes, workflows, decision pathways and measures can be optimised and adjusted to ensure that they work properly in a real crisis and that errors are no longer made. In this sense, the fact that the drill is being run and corresponding insights can be obtained should already be seen as a 'success'.
For large-scale drills, the preparatory phase is especially important, in which all aspects of drill execution and the problems that may arise can be worked through and discussed in detail. The mere fact of engaging with this material and proceeding to derive immediate actions is itself extremely valuable. As Dwight D. Eisenhower said, "Plans are worthless, but planning is everything".