When a disaster strikes, people resort to instincts and their training, and IT professionals are no different. In the face of a major system outage or security breach, IT staff will do what they have been trained to do.
For emergency preparedness, Training is not an option, it is a requirement.
Emergencies by their very nature are incredibly stressful and chaotic. People feel most comfortable in any situation when they know what to expect, what to do, and when it needs to be done. In an emergency, they will not necessarily know what to expect, but they will know what to do if they have been trained.
Training is also important for your companies’ Response Team, CIRT teams, because security incidents can be devastating to a company. CIRT members should know what to look for and exactly what actions to take in order to address a potential security breach or another serious IT incident. It does not help to shut down a server if the firewall has been breached or to shut down email if the virus has infected a server.
In addition to general IT skills, CIRT members should represent the various areas of expertise required in your IT department including servers, infrastructure, security, database administration, and applications.
If training is provided for your IT staff and CIRT team regarding servers, infrastructure, security, database administration, applications and other relevant areas within your IT department, your staff will have the training to fall back on.