Tabletop Exercises How These Practice Sessions Improve Your Incident Response Plan Ready Your Team

Tabletop Exercises: How These Practice Sessions Improve Your Incident Response Plan & Ready Your Team

Arraya Insights | May 20, 2022

Cyber attacks continue to pose a major concern for businesses and organizations worldwide. As ransomware attacks show no signs of slowing down, it’s likely that we’ll see more regulatory compliance actions in the future to protect consumer data. A common requirement is regular security assessments to monitor, test, and report on your company’s current cyber security position.  

Through these security assessments, your business can ensure it’s in compliance with all regulations. It’s always best to be on the offense of your cyber security, rather than the defense. The results of these assessments will help your IT team make better decisions to improve your cyber position moving forward.  

While we’ve focused on business impact assessments and penetration tests in the past, this blog is going to target tabletop exercises, which are an important part of your business’s incident response preparation.  

What is a Tabletop Exercise? 

A tabletop exercise is a way to assess your business’s current incident response plan processes and procedures. This type of exercise involves gathering all IT team members and business stakeholders into a classroom-type setting and completing a run through exercise of a cyber event scenario.  

The only prerequisite of a tabletop exercise is an established incident response plan. Without an incident response plan in place, there will be nothing to test throughout the tabletop exercise. An incident response plan is “a set of instructions to help IT staff detect, respond to, and recover from network security incidents. These types of plans address issues like cybercrime, data loss, and service outages that threaten daily work.”  

Instead of testing your actual cyber security methods, a tabletop exercise is a test of your business’s response policies, your business’s knowledge of those policies, and the efficacy of those policies. In addition, a tabletop exercise is a test of your business’s ability to communicate with one another and to outside parties. Not only does a tabletop exercise test your procedures, but it also provides your team with valuable practice within a safe and controlled environment.  

It’s best to identify any mishaps during a tabletop exercise before you’re facing the real thing with very real consequences.  

How Often Should Tabletop Exercises Be Conducted? 

Throughout the tabletop exercise, any gaps in your current incident response plan will be identified so they can be addressed and improved upon in the future. As these exercises represent a point in time, tabletop exercises should be completed regularly as a consistent check in.  

Many companies conduct these exercises annually, although the more frequent the better. The biggest challenge businesses face in conducting these is simply getting all necessary parties together in a room at the same time.  

Next Steps: Test, Review & Improve Your Incident Response Plan 

For many industries, tabletop exercises are a requirement as part of compliance regulations. How often they’re required will depend on your individual business and industry.  

Some businesses may complete tabletop exercises only to remain in compliance. However, these exercises provide your organization with valuable information that can significantly improve your cyber security posture, your processes and procedures, and your team’s communication abilities.  

It’s important to not only complete these exercises but to take advantage of the wealth of information that they provide so your business can make better decisions moving forward. Your business will be able to uncover possible gaps in your policy and gain clear, tangible remediation guidance.  

As the cyber threat landscape continues to change every day, there are endless improvements that can be made.  

From guiding your team through the entire exercise process to helping your business make the most of your results, Arraya can help.  Our cyber security experts can help you design and walk through a fully customizable worst-case scenario.

If your business is looking for assistance in conducting a tabletop exercise, contact us today to start a conversation.  

VisitContact Us – Arraya SolutionsArraya Solutions to connect with our team now.   

Comment on this and all of our posts on: LinkedIn, Twitter and Facebook.   

Follow us to stay up-to-date on our industry insights and unique IT learning opportunities.