Tabletop Exercise

Cybersecurity Tabletop Exercise

 Rehearsing for a cybersecurity incident to uncover gaps in your incident response plan and test your team’s ability to respond

Down arrow

What Is a Tabletop Exercise?

Incident Response Plan

Your organization has established an incident response plan. However, do all the identified stakeholders in the plan know what to do when an incident occurs? Similar to a fire drill, the purpose of the tabletop incident response plan exercise is to prepare the client’s technical and executive team to effectively handle significant security incidents prior to an actual incident occurring in real life. 

The tabletop exercise is a virtual, role play exercise that is intended to simulate a real-life experience. It is a guided exercise led by our Incident Response Handler. Various events, obstacles, challenges, and communications will be put to the client team in order to give a perspective of a real-world cyber incident.


Stakeholders and Process

Set the scene and create a backstory

Conduct the tabletop exercise online

Conduct a review and recommendation briefing

Additional Services

Incident response plan

An incident response plan is a set of procedures that your organization will follow in the event of a security breach. IRPs should support the organization and be well embedded into organizational policies to ensure that there is a wide reach. Organizations that do not integrate IRPs into policies increase their risk of staff being unable to execute on the documented procedures. Having a well-executed incident response plan provides internal and external stakeholders assurance that your organization is prepared to reduce recovery time objectives (RTOs) thus minimizing the impact of breaches. Organizations should follow well established, well-reputed frameworks when constructing IRPs. Most incident response plans have 6 high-level steps to follow: Prepare, Identify, Contain, Eradicate, Recover and Conduct Lessons Learned

project management

Incident Response Retainer

An incident Response Retainer (IRR) is a service that allows you to get additional help with cyber incidents.

Data forensics, 24-hour response number, incident response specialists and other service providers will be available to your team.

Incident Response Retainer

Book a Call