Cyber Tabletop and Simulation Exercises

While many organisations invest time and resources in preventing the occurrence of a cyber incident, less frequently organisations prepare for the occurrence of an incident.

So how can you improve your organisation's cyber resilience and be in the best position to respond to an incident? In two simple steps: develop an incident response plan and test it through a ‘Tabletop or simulation exercise’.

What is a Tabletop exercise and what is a simulation? 

A Tabletop exercise is a discussion-based exercise built around a hypothetical cyber incident. Designed to address a series of scenarios, it offers an informal operational environment for team members to build their understanding of the incident response process, consider key decision points, and align on roles and responsibilities. This type of exercise is a great starting point for organisations that are working to build competence and confidence in cyber and crisis response.

A cyber simulation exercise will allow you to put your organisations incident response processes to the test in a live, coordinated walk-through. It allows the crisis management team (CMT) to experience the way crisis-level cyber incidents unfold in semi-real time, helping them better understand their roles and responsibilities, and the process for escalation. Simulation exercises offer a more intricate approach to cyber preparedness and are best suited to organisations that have mastered the Tabletop exercise.

What will you come away with?

Designed to build competence and confidence amongst core team members, our exercises will help your organisation:

• understand the current cyber risk landscape and evolving regulatory frameworks;
   
• challenge any existing incident / data breach response plans;
   
• examine the adequacy of your internal and external communications channels;
   
• explore key milestones for an effective incident response, including processes to mitigate risk and get back to business as quickly as possible;
   
• identify opportunities for planning and procedural improvement; and
   
• clarify roles and responsibilities for internal and external stakeholders. 

Who from the organisation should attend?

Cyber incident response requires buy-in from a number of business functions, each with unique expertise, roles, and authority. 

For maximum benefit, the exercise should bring together members of your cyber incident response team / crisis management team, key IT personnel, legal, risk and communications functions, and upper management with business decision-making authority. 

What is the scope of the exercise?

We can work with you to determine what type of exercise is best for you and recommend different sessions depending on your objectives, maturity and intended audience.