Gary Hibberd

2020-07-31

Cyber Security Incident Tabletop Exercises

Businesses should have a cybersecurity incident response plan. Most do not have one. In the event of a data breach, that plan will save a business from making matters worse.

Cybersecurity tabletop exercises test a business's responses to an incident. Think of it as a test of the incident response plan and of the responders' training to carry out that plan. Tabletop exercises engage responders and help them manage their reactions to simulated incidents. This includes identifying weaknesses in the response team's capabilities and planning. Lessons are learnt, making the business ready when a real incident occurs.

Our cybersecurity tabletop exercises are a “What If?” scenario, where a business can simulate tailored real-world security threats. The tabletop exercise does require a cybersecurity incident response plan to be already in place. Do talk to us if you don’t have a plan. We can help you tailor one to help you protect what matters most.

What can a business learn during a cybersecurity tabletop exercise?

During a tabletop exercise, we engage all participants to respond to a scenario as if it were real. Our expert team will play out the tailored scenario. Participants will interact. Their actions will alter the outcomes of each stage of the scenario. If required, we will include other functional areas of the business/world as necessary. Once the scenario reaches the end point, we will review what occurred. We will provide feedback, in the form of a report, and welcome discussion on how to improve the response.

Major learnings include:

  • An increased understanding and awareness of existing threats
  • Identification of gaps in the incident response plan
  • Clarification of emergency roles and responsibilities
  • A people, process, technology capability gap assessment
  • Feedback to improve the incident response plan
  • Runbook creation to speed up the incident response process

Which threats can a cybersecurity tabletop exercise simulate?

We will tailor the exercise to your business. We can turn any security threat that exists into a tabletop exercise. Common simulations include:

  • Business email compromise
  • Email account compromise
  • Ransomware
  • Malware
  • Insider threat
  • Cloud compromise
  • Cloud misconfiguration
  • Distributed denial of service (DDoS)
  • Unauthorised computer on network
  • Malicious internal scanning
  • Email phishing attack

What is a realistic timeline for a cybersecurity tabletop exercise?

A tabletop exercise is not simple to plan or easy to execute. We will need to:

  • understand your business, its key processes, people and data,
  • understand its contractual requirements or other concerns,
  • understand its risk tolerance.

From there we can create a custom security breach scenario that will simulate the chaos typical of an incident.

The biggest issue in our experience is getting all the key responders together.

We will provide an After Action Report (AAR) two weeks after the exercise delivery. The AAR will detail the major learnings.

What are the advantages of us delivering the cybersecurity tabletop exercises?

  • Low-stress environment
  • Low-cost way to test emergency plans, responses, and roles
  • Facilitated discussion of problem areas
  • Encourages cross-functional collaboration and communication
  • Allows for remote participation
  • We are accredited (by NCSC CHECK and CREST) experts in cyber security attack and defence

An incident response plan is very important to all businesses handling data. That plan needs testing at least once a year. This will:

  • prepare the business for an actual security incident,
  • reduce the cyber security risk,
  • minimise potential damage,
  • ensure the situation is not made worse.

Arcturus Security is a UK-based offensive and defensive cyber security company. We are part of the Cyberfort Group of cyber security companies.

Our experts can help you create an incident response plan. We can provide tabletop exercises to test your existing plan.

Our aim is to ensure our customers reduce their risk of compromise to the lowest possible levels.

Interested in finding out more? Contact us today.
