Cybersecurity Tabletop Exercises (TTX)

 

It's necessary to test your company's incident response capabilities. Otherwise, responding to an adversary is like facing off against a football team without practicing before the season.

Level 1: Awareness Tabletops

This format provides an introduction to tabletop exercises. Each scenario includes a significant event such as a data breach. There is an awareness and training component where a scenario is presented and participants select the best answer from four options (A, B, C and D).

The conversations are what is important. Operational functions throughout your organization exercise their role and experience the importance of working together during incident response.

This is a good place to start if your organization has not conducted a tabletop exercise or if your senior executives have not participated.

1b: Recent Incidents

This second exercise leverages the four-option approach from Level 1a above. The scenarios in this exercise are based on real-world cybersecurity incidents from the past year.

• Nine scenarios
• 90-minute session
• 4 options for each scenario
• Similar to “choose your own adventure”
• Select the best path forward

Target Audiences:
- CEO, COO and CIO
- Business unit leaders
- Information Security Manager
- Members of IT and security teams
- Privacy Management
- Fraud Prevention
- Third Party Risk Management
- Crisis Management Team

Level 2: Tactical Tabletops

This second level of difficulty introduces a degree of stress, which tests the effectiveness of response capabilities and Incident Response Plan design.

Scenarios are presented followed by updates on how the adversary is adapting. Participants need to develop their own responses.

2a: Scenario Questions

This session is a halfway point to a full-scale cybersecurity tabletop exercise.

• 90-minute session
• Participants develop their own responses
• Similar to a real-world cybersecurity incident
• Leverage the Incident Response Plan and work together

Target Audiences:
- CEO, COO and CIO
- Business unit leaders
- Information Security Manager
- Members of IT and security teams
- Privacy Management
- Fraud Prevention
- Third Party Risk Management
- Crisis Management Team

2b: Scenario Injects

This exercise applies a degree of stress, which tests the effectiveness of response capabilities and Incident Response Plan design.

• 4-hour session
• Participants develop their own responses
• Similar to a real-world cybersecurity incident
• Leverage the Incident Response Plan and work together

Target Audiences:
- CEO, COO and CIO
- Business unit leaders
- Information Security Manager
- Members of IT and security teams
- Privacy Management
- Fraud Prevention
- Third Party Risk Management
- Crisis Management Team

Recommendations

 
"When you work with Gideon you can quickly glean his subject matter expertise and outright professionalism. I have worked with Gideon on several projects over the years, and none short of successful. One in particular that stuck out was his insights while he created a from-scratch tabletop exercise tailored to a previous organization I worked for. His attention to detail made it very easy to pick up and run with several cross-functional teams. Ask Gideon for anything, you will not be disappointed!"
- Information Security Executive at a Managed Hybrid Cloud provider

Fees and Payment

 
Tabletops may be conducted on-site or remotely. Each tabletop is billed at a flat rate, not including travel expenses.

The engagement begins once the Statement of Work is signed and upon receipt of payment.

Custom exercises may be conducted based on the needs of the client. Annual tabletop exercises are recommended to maintain incident response readiness.

This service offering description provides an overview for informational purposes only. The Statement of Work and the Master Services Agreement are the official documents for each assessment engagement.