5 Reasons Why Cyber Tabletop Exercises Fail to Deliver!
Date: 27 March 2020
Cyber Tabletop Exercises help you test and evaluate the efficacy of your well-laid plans in a real-world situation.
You have to ask yourself: when your organisation is under a cyber-attack, will your untested response plan actually work? The only way to find out is to assess your plan with a successful Cyber Tabletop Exercise. Note the emphasis on the word ‘successful’.
That’s because very often, a Cyber Tabletop Exercise, conducted with the best intentions, will fail to deliver. Here are some of the most common reasons why:
- Flimsy scenario: The scenario on the ‘menu’ is either a phishing email followed by the ‘usual ransomware attack’ or a combined phone and email business-email-compromise (BEC) attack. Furthermore, cyber response workshops often lack detail and are not realistic enough or scary enough to put pressure on your team to act the way they would in a real attack. Conducting a lackadaisical exercise with a flimsy scenario yields no results.
- Apathy of Internal Staff: A common sentiment we often see is a lack of attentiveness towards, and little credence in, the internal staff tasked with running the incident response workshop. The causes of this lethargy can include, but are not limited to:
  - Existing political and/or ideological differences between the host and the attendees.
  - Host having insufficient experience in hosting a workshop along with little practical ability to constantly engage the audience.
  - The presumption that the host is pursuing his/her own agenda during the cybersecurity tabletop exercise.
It is our opinion and experience that cyber tabletop exercises can actually be a lot of fun and give engaged participants quite the adrenaline rush as they ape a high-pressure real-world scenario. For the exercise to succeed, attendees must be given an appropriate understanding of the concept beforehand.