Conducting regular security incident response tabletop exercises is the only non-destructive way to prepare your organisation for ransomware or other types of cyber attacks. Given the new ‘normal’ brought on by the pandemic, it’s even more critical to make cyber incident response exercises a mandatory and repeating drill.
Cyber Incident Response Planning & Incident Response Cybersecurity Tabletop Exercises have become a necessity for modern, digital businesses. Just having an incident response team to deal with cyber threats is not adequate anymore. Cyber-attack simulation exercises are vital to the well-being of any business today.
The SolarWinds hack proves that no organisation or even government is immune to a cyber security attack today. This attack is also known as the Solorigate cyber-attack and is considered the most advanced cyber-attack. Its list of victims includes:
This is why a focus on cyber incident planning & response is imperative. What is even more important is continuously testing and validating the effectiveness of your plans.
A good Cyber Incident Response Plan or “IR Plan” tells you what should be done in case of a cybersecurity incident. This plan should ideally be a short, crisp and to-the-point document. It should specify the roles and responsibilities of each team member. The IR Plan should also ideally be based on the NIST Cybersecurity Framework and the recommended phases.
A Cyber Tabletop Exercise, on the other hand, is a cost-effective way to test the efficacy of these plans. These cybersecurity tabletop exercises are a safe way to conduct attack simulation drills. One of the objectives is to put key stakeholders in an environment of intense pressure. They are forced to think and act like they would when under a real cyber attack.
Want to learn how to plan, produce and conduct an effective Cyber Security Incident Response Tabletop Exercise in your own organisation? Check out our Masterclass on How to Conduct a Cyber Tabletop Exercise.
There are several benefits of running regular cyber security incident response tabletop exercises including:
Yes, cyber crisis tabletop exercises take your organisational cyber security to the next level. But that's not all. For many businesses, conducting regular incident response tabletop exercises is a regulatory requirement.
Read our detailed blog for more information on the regulatory requirements for Business Continuity Planning & Testing in the Middle East.
Recently, even the Monetary Authority of Singapore has advised organisations in the financial technology space to regularly conduct incident response tabletop exercises. In its revised Technology Risk Management Guidelines 2021, section 13.3 of the compliance checklist covers the critical aspect of Cyber Security Assessment.
This section talks of Incident Response Cyber Exercises as a vital step forward towards ensuring cyber resilience of the business. The TRM guidelines 2021 advise regular incident response cyber exercises that validate the organisation’s response and recovery strategy.
In the simplest terms, an Incident Response Tabletop Exercise is a cybersecurity mock drill. It is a cyber attack simulation exercise. An attack scenario that is extremely relevant to the business is simulated during the workshop. Check out our most comprehensive list of cybersecurity tabletop exercise scenarios for more information on this.
The first step in conducting a security incident response tabletop exercise is choosing the right participants. Don’t limit yourself to members of the Information Security team. You have to involve important business decision makers and even C-suite executives as part of the exercise. The right people make the exercise really effective.
Next comes the scenario. Tabletop Cybersecurity Exercise Examples could range from a basic phishing attack to an attack on the crown jewels of the business. The scenario is usually based on the specific nature and industry of the client. It is often also led by threat intelligence-based research.
Download our Cyber Tabletop Exercise PowerPoint and Data Breach Tabletop Exercise Template created by the world's leading cybersecurity practitioners. The Cyber Tabletop Exercise PPT and PDF are easy to use and customise, and you can get started with planning your own exercise immediately.
For the actual exercise, it is important that the host create an intense atmosphere. The pressure inside the room (or virtual environment) should be akin to what an actual attack will feel like. All participants must be forced to think on their feet.
Only then will you know if all participants know their duties when an attack takes place. This is also the only way to know if they’re familiar with the incident response plans at all. Their ability to collaborate and coordinate with other teams will also be tested.
This is precisely why it is always a good idea to hire external experts to conduct an Incident Response Tabletop Exercise. Your organisation will benefit from the years of experience and knowledge of an external facilitator. An external host will also be able to look at your company’s level of preparedness from an objective, external perspective.
Most reputed facilitators of Cyber Incident Tabletop Exercises will present your business with a formal report at the end. This report highlights the strengths and improvement areas of the business. So it can be used to enhance security measures and plug the gaps in your incident response plans.
For more details on what happens in an incident response tabletop exercise, read our detailed blog.
We work with you on planning, creating scenarios, producing the scripts and artefacts and running the actual workshop. We can run a complete cyber tabletop exercise virtually using Zoom, Microsoft Teams or Google's Meet (previously known as Hangout).
We also present our clients with a formal audit report of the exercise. This provides them with important data including a cyber breach-readiness score. This score gives a good indication of how ready they are to respond to a specific cyber-attack scenario.