5 Top Tips for an Effective Cyber Crisis Tabletop Exercise

Date: 21 April 2020

Featured Image

Cyber table top exercises are on the radar for all businesses that understand the importance of cybersecurity today. Find out what makes a normal cyber response test a really good and effective cyber crisis tabletop exercise.  

The current cyber threat landscape has demonstrated two things:  

  1. Any cyber incident response plans are pretty much useless, unless they are tested over and over again.
  2. You have to think 'way, way out-of-the-box' when planning your attack scenarios.   

This blog is not about designing crystal balls to gaze into the future. We are focussing on testing your response plans. Importantly, when it comes to testing your cyber response plans,  regulators across the globe, are demanding that companies conduct regular cybersecurity tabletop exercises to demonstrate that they are prepared to prevent loss of critical data and to protect citizens’ privacy.  

It's easy to conduct a test of your cyber response plans but it takes effort and planning to conduct an effective cyber tabletop exercise that validates the plans and builds participant muscle-memory. Let's take a look at what you must focus on in your cyber response scenario tests.

Note: If you are really serious about improving your organisational resilience against cyber attacks with regular tabletop testing, don't forget to check out our Masterclass on How to Plan and Conduct an effective Cyber Tabletop Exercise

New call-to-action


5 Key Focus Areas for an Effective Cyber Attack Tabletop exercise 

  1. An experienced facilitator: Holding the attention of top executives or deep-techies for 2-4 hours isn’t an easy job. The facilitator has to not only be adept at hosting an interactive and engaging session, they also have to be experienced enough for others to find intense value in what they have to say. 

    Make sure you find yourself a cyber-specialist who has experience in conducting cyber tabletop exercises, is an authority in cybersecurity with practical, real-world experience and can engage both technical and executive audiences.

    Cyber drills for our clients are conducted by the world's #1 cyber crisis tabletop exercise facilitator. Having planned and conducted cyber simulation drills over 300+ clients across the globe, we have demonstratable proof of the value that our facilitator brings to their business. Take a look at our cyber tabletop exercise case studies to see enlisting our services has helped our clients bolster their cyber resilience tremendously. 

    View Tabletop Case Studies 
  2. An exercise built on facts: You must demand that the facilitator (typically the CISO or the BCP manager) and those in their team have all the facts about the organisation before hosting the exercise.  Unless they are aware of what your critical data is and where your crown jewels lie, they won’t be able to draw out a compelling exercise based on believable scenarios for your business.   

    Use our extensive top Cybersecurity Tabletop Exercise Scenarios document for a better understanding of the most relevant and compelling scenarios you can work with. 
      
  3. A 'real' scenario: Speaking of scenarios, it’s imperative that the cyber tabletop exercise is based on a scenario that is actually relevant to your organisation. It shouldn’t be flimsy. (No, please don't say, we are running a phishing scenario - that’s not good enough). In fact, it should be so real that it jolts the participants into attention and makes them a little worried!    

  4. Carefully chosen participants: Work with your facilitator and identify the key executives in your organisation who must, mandatorily, attend the cyber tabletop workshop (also referred to as a cyber incident response test). This list of attendees must include employees responsible for making critical decisions at the time of crisis, heads of departments, key management reps from departments like HR, communications, legal, marketing and of course, technical staff who know the systems and processes well. 

  5. A formal report: Insist on receiving a formal report at the end of the exercise. This should assess the effectiveness of your incident response plans and related processes and it should provide an accurate score of your business’s breach readiness. You can then work on your weak areas and enhance your cyber resilience.  

While we always recommend hiring an external facilitator for the most effective cyber crisis tabletop workshop, you can also conduct one internally to begin with. Use our incredibly valuable and easy-to-use resources to start immediately. These documents have been created by our exceptionally experienced team of cyber drill facilitators and contain wisdom and guidance from their years of experience: 

1. Data Breach Tabletop Exercise Template
2. Cybersecurity Tabletop Exercise PowerPoint

New call-to-action