NIST 800-171 R2 Control 3.6 Practical Exercise: 3.6.3 Test the Organizational Response Capability

In our recent webinar, in collaboration with Sikich, we dove deep into the intricacies of creating a robust and agile Incident Response (IR) Plan amidst the ever-evolving cyber threats. We focused on how your organization can test its real-world incident response capability and ensure you comply with control 3.6.3.

During this webinar, we discussed the following:

  • Understanding the difference between an event and an incident
  • The significance of running a successful tabletop exercise, simulating real-world incident response situations
  • Expert insights from Sikich on designing, executing, and evaluating these exercises rooted in their vast field experience
  • Understanding the importance of aligning your team, pinpointing gaps in your IR Plan, and amplifying your organization's cyber resilience
  • Practical guidance on refining or building an IR Plan from scratch to safeguard your organization against cyber threats

Whether you're an IT professional, a security officer, or a manager, the knowledge shared in this webinar is pivotal for anyone involved in incident response planning.

Try Certification Assistant

In a world of cyber threats, an agile response to an incident is vital, as is ensuring compliance and adhering to cybersecurity standards. Exostar's Certification Assistant is your tool to understand, track, and ensure compliance with the NIST SP 800-171 controls.

  • Streamlined Compliance: Effortlessly understand NIST SP 800-171 controls and keep track of your compliance journey.
  • Centralized Documentation: A unified hub for all necessary documents and records, ensuring you're always assessment-ready.
  • Self-Assessment & Reporting: Calculate your SPRS score, generate your System Security Plan, and create a comprehensive Plan of Actions and Milestones.

Equip your organization with the right tools to navigate the complex world of cybersecurity compliance. Start a trial today!

Our Speakers

Ken Squires

Kenneth is a Director at Sikich and leads the governance, risk and compliance team. With more than two decades of experience managing governance, risk and compliance initiatives, including serving as a virtual Chief Information Security Officer (vCISO) for several companies, Kenneth is able to offer clients unparalleled strategic guidance as they work to complete organizational cybersecurity objectives. He helps clients navigate complex compliance requirements related to a plethora of security standards, including NIST, HIPAA, GLBA, CMMC, SOX, PCI DSS, ISO 27001 and more.

Kenneth has a Bachelor of Science degree with a major in Information Security. He is also a Certified Information Systems Security Professional (CISSP), a Certified Information Security Auditor (CISA), a Certified Data Privacy Solutions Engineer (CDPSE), Certified in Risk and Information Systems Control (CRISC), a HealthCare Information Security and Privacy Practitioner (HCISPP), certified in NSA INFOSEC Assessment Methodology (IAM) and an ISO 27001 Lead Auditor. He is a United States Marine Corps veteran.



Kevin Hancock

Kevin Hancock has over 20 years of experience in secure collaboration with distributed teams and partners in highly regulated markets. He has led Sales Engineering, Customer Success, and Professional Services teams across a broad technology spectrum, including Agile Development and DevOps tools and practices, Zero Trust Networking, and Identity and Access Management, just to name a few. Focusing on driving adoption, managing change, and helping customers learn, Kevin joined Exostar in May 2021 as Director, Sales Engineering.