What people are doing now, though, is setting up a separate network for training, but they are not able to do anything within the production environment. "It's all hypotheticals," Cianciaruso said. "If this happens, this is what we do next. There is no real means to fully understand that these are the exact alerts and actions. This is what I will see on the screen. It's all tabletop exercises even if you are calling them functional exercises," he continued.
Because understanding risk is critical to being ready to respond, the more you can do it in a real environment, the better positioned you are to put out the fire before it rages out of control. Perhaps it's time for your security team to graduate to a new test, training, and exercise program.