If you work in technology, you’ve likely taken part in a tabletop exercise. Tabletop exercises are effective tools for ensuring your organization is prepared in the event of a cyberattack, but also helping to build organizational resilience. When executed appropriately, tabletop exercises can be powerful tools for preparing for incidents.
What Are Tabletop Exercises?
A tabletop exercise is a low-stress meeting that is designed to simulate an emergency situation. Tabletop exercises involve all members of the emergency response team. During tabletop exercises, participants clarify their roles and outline responsibilities. The team discusses emergency scenarios in depth and describes their response plan.
The goal of tabletop exercises is to remove the urgency and anxiety associated with performing emergency simulations in your technology environment. Instead, all participants sit around a table, as the name implies, to discuss appropriate mitigation measures and walk through how they would respond to an incident. The low-stress environment makes the exercise more of a conversation and collaborative learning experience where participants try to unveil gaps in the response plan.
Benefits of Tabletop Exercises
Tabletop exercises have multiple benefits for your organization, including:
- Educating your staff on threats and spreading awareness of cybersecurity threats
- Testing your incident response plan
- Identifying deficiencies in plans and procedures
- Ensuring all team members know their roles during an incident
- Identifying opportunities for further training
- Clarifying the decision-making process during an incident
Why You Need Realistic Tabletop Exercises
Tabletop exercises are essential for building resilience in your organization. Cyberattacks are many and varied, and incidents are on the rise. Because cyberattacks can materialize in so many ways, it’s important that you conduct realistic tabletop exercises. Your team needs to understand how potential threats may play out in your environment and what effect the disruptions can have on your operations.
It’s important to include customized scenarios to allow your team to understand how different situations will unfold. IT teams are also made up of varying skill sets and running through the roles and responsibilities can help you to identify gaps in your team to help build additional resilience.
How to Plan a Realistic Tabletop Exercise
Tabletop exercises can be powerful if they are designed and executed thoughtfully.
Tips for a Tabletop Facilitator
Your exercise should be overseen and driven by a facilitator. An experienced facilitator drives the conversation to glean insights that will lead to better preparedness.
Here are some tips for tabletop exercise facilitators:
- Create a judgement-free environment: The purpose of a tabletop exercise is to create an environment where your team can safely walk through threats without any backlash. You want to encourage the team to find gaps and voice concerns openly without threat of repercussions.
- Craft scenarios that apply to your organization: Every business is different. It’s important that you develop scenarios that specifically apply to your organization and your technology environment. Take the time to craft realistic situations that vary in levels of difficulty to test the full breadth of your team’s skills.
- Make sure your team is fully informed: Make sure that your team has been fully informed about the tabletop exercise in advance. You want them to come with their thinking caps on and springing a surprise exercise will only serve to increase anxiety and inhibit useful conversations.
- Clarify what you want to accomplish before beginning: State your objectives clearly and openly before beginning to set the stage for discussion. This also helps to establish appropriate boundaries around the conversation to avoid going off topic.
- Encourage participant interaction: It’s a common pitfall to end up in a situation where the participants try to engage only with the facilitator. The point of the exercise is to learn how to work together to respond to an incident which can only be accomplished by team collaboration. You can also re-direct questions to the group rather than answering directly. This can help to solidify your role as observer in the process.
- Ask for feedback: Team feedback allows you to uncover any other discussion topics that weren’t surfaced during the exercise and design for a more effective next session.
- Follow up with a written report: It’s important for your participants to understand the key takeaways from the exercise. Make sure you compile your written findings and share them with the team. This should include a summary, general observations, any gaps you identified, suggestions for improvement and any recommended changes to procedure.
A 7-Step Plan for Designing a Realistic Tabletop Exercise
To execute a successful tabletop exercise, you need to come fully prepared. Use these seven steps:
- Define your objectives and what you hope to achieve
- Gather all participants of the response team
- Develop your custom scenario
- Guide the conversation
- Ask questions when you see gaps or potential pitfalls
- Take notes
- Document and distribute your findings
Having trouble designing your tabletop exercise? Check out these scenarios from The Center for Internet Security for inspiration. Running regular tabletop exercises will help your organization build resilience and increase preparedness.
Raise Your Cyber Awareness!
Learn more about earning the CompTIA Cybersecurity Trustmark.