Purplecon 2019 kirk, incident response drills: how to play games and get good, https://purplecon.nz/talks#kirk, https://www.youtube.com/watch?v=-8BeooqxuAo&list=PLS45xFo74VF546tbfXXtKDO03cVrAalM6&index=7&t=0s

computers are exceptionally good at taking instructions and making very fast, very precise mistakes very reliably. humans are conceptually similar but interpret their inputs and decide on courses of action based on experience. preperation and rehearsal for messy, no-notice events that are definitely (hopefuly) not business as usual makes us more chill for when something (production) does go down due to novel (gremlins) issues. incident responders should practice for sensitive and time-critical events before they happen so they are able to return things to a safe and stable state with grace and aplomb. this talk is for team leaders or security program owners interested in the craft of using incident response exercises to develop their people. we will learn how these synthetic experiences can be devised against specific environments and standards with measurable outcomes. finally we will cover ways to easily scale difficulty and iteratively improve your exercise program.