At 3 Tree Tech’s Stealth Security Experience in Chicago, Shefali Mookencherry from the University of Illinois Chicago shared a powerful perspective on cybersecurity crisis management. “Cybersecurity is like an orchestra,” she explained, “where every role has to work in harmony to respond effectively.” Drawing from real-world experience, Shefali showed that cybersecurity resilience depends on more than just technology; it requires teamwork, adaptability, and a strong focus on the people behind the systems.
The Real Problem? It’s Not Always the Tech
One of the biggest challenges Shefali discussed is a hidden “knowledge gap” that often surfaces in crises. When a ransomware attack disrupts operations, the most challenging hurdle might not be the technology—it’s the people using it. Shefali highlighted this with an example: “You think the technology will be your main challenge, but often, it’s a skills gap—like young physicians who don’t know how to operate without digital tools.” This dependence on automation is a potential vulnerability if essential skills, like handwriting prescriptions or tracking data manually, have been forgotten.
The solution? Hands-on, role-based exercises that move team members outside their comfort zones. By working with unfamiliar tools in new roles, teams start to see the potential cracks in their processes. Shefali’s approach reminds us that resilience training only prepares us for the unexpected when it genuinely challenges us.
Crisis Mode: Who’s Taking Care of the Team?
An Emergency Operations Center (EOC) is often seen as the crisis command hub. However, Shefali’s approach highlights a more significant role for the EOC: supporting people who are managing emergencies. “If the people running the EOC aren’t supported, there’s no one left to help others in need,” she noted. This emphasis on sustainability pushes us to look beyond system continuity—focusing also on the long-term well-being of our teams.
Establishing an EOC that operates effectively in prolonged, high-stress situations is essential. It’s about creating an environment that takes care of responders with dedicated resources for physical and mental support. This insight changes how we look at crisis plans, underlining that successful management depends as much on human support as on technical readiness.
Tabletop Drills Aren’t Cutting It—Here’s What Actually Works
Tabletop exercises are valuable but often miss the mark when replicating a real-world incident’s complexity. Reflecting on her recent work with Texas A&M, Shefali observed, “Standard tabletop exercises don’t capture the complexity or stress of a real-world incident. True resilience comes from testing for unexpected challenges.”
For example, her team at UIC discovered surprising vulnerabilities in HVAC and water systems during a multi-day exercise, demonstrating that cyber attacks don’t just impact data—they affect physical systems and daily operations. Cross-functional training that integrates teams from facilities management, logistics, and campus security pushes teams to spot weaknesses that often go unnoticed. These exercises underscore a crucial point: cybersecurity incidents impact entire infrastructures, and responses must be coordinated across all systems.
Are You Asking the Right Questions About Cybersecurity?
One of the most impactful takeaways from Shefali’s presentation was the need to ask tough questions before a crisis. What if the systems we rely on fail? How prepared are we to operate without digital tools? Do we have the skills to function if our usual systems are down?
Shefali’s method encourages thinking broadly, testing rigorously, and learning by doing. These probing questions reveal gaps that could turn a manageable incident into a full-blown crisis. To be ready, organizations need a flexible response plan that accounts for both technical and human limitations. Thorough testing and scenario-based training uncover “unknown unknowns,” turning potential vulnerabilities into strengths.
Want True Cyber Resilience? Here’s How to Get There
Effective cybersecurity resilience is like conducting a symphony, with each team member ready to act in concert when a crisis strikes. Shefali demonstrated that true resilience is not just about technical preparedness but also about human adaptability. It’s about building a culture of resilience where everyone in the organization is prepared to respond to a crisis. Organizations are better equipped to respond quickly and effectively when people, processes, and systems align.
At 3 Tree Tech, we believe in the power of holistic cybersecurity preparation. Shefali’s insights reinforce the importance of robust, adaptive resilience strategies that meet real-world complexities. If your organization is ready to strengthen its cybersecurity, our team can help orchestrate the right solutions to empower your business in the face of the unexpected. Reach out to explore how we can build resilience together.
Shefali Mookencherry is a seasoned professional with expertise in information security, higher education privacy, HIPAA, research, healthcare policy and strategy, promoting Interoperability (PI) and compliance. With 20+ years of higher education experience – including 30+ years of healthcare experience, and 17 of those years in senior management positions – she is acknowledged as a cybersecurity Subject Matter Expert (SME), who has fulfilled Chief Information Security Officer (CISO) roles and conducted information security risk analyses and assessments in the U.S.A. and internationally.
Shefali also has a keen interest in the adoption of innovative technology and provides leadership, consultation, coordination, and integration of information processes with enterprise-wide information technology and information security strategies.
For Leaders, By Leaders (FLBL)
We are leaders that enjoy networking leaders with other leaders. Do you want to talk one of our Insights authors, a speaker, or be plugged into one of many communities that we are partnered with across the country? Time to call in the cavalry! We’re saddled up and ready to ride to your rescue.