Four Reasons to Host A Remote Cyber Tabletop Exercise
Date: 8 May 2020
One often tends to get entangled in the word ‘tabletop’ when one thinks of conducting a cyber tabletop exercise for their organisation. It is natural to think of this exercise as one that can only be done physically in a closed room. However, contrary to that popular belief, it is often much more effective to conduct a virtual tabletop exercise. Read on to know why!
A cyber tabletop exercise helps a business to evaluate if its best-laid plans will work in times of an actual disaster and if all key stakeholders will be able to do the things they’re supposed to do to ensure business continuity and rapid resumption of business operations.
But is it always necessary to run a tabletop exercise across… umm... a table? Not really! In fact, it may be better for your business to run a virtual tabletop exercise via Zoom, Microsoft Teams or Google Meet.
4 reasons why you should run a virtual tabletop exercise on Incident Response
1. Emulates real-life: This one is indisputable. Have you ever had a disaster of any nature strike your organisation? Think back to that time. Was everyone involved in making critical decisions at that point available in office at the same time? Were all the key stakeholders even present in the country at that time, forget the office? Probably not.
9 times out of 10 when your business is hit by a cyber-attack, your CEO, CISO and COO will probably not be in the same location and they may not even be in the same time zone. Critical decisions, however, don’t wait for anyone to congregate in the same place and they will have to be taken from different parts of the world if needed and within minutes.
Real life will rarely allow everyone involved in the next steps of an attack to be in a room and around a table. So why obsess over conducting physical cyber tabletop exercises when, in reality, things will be absolutely different. Get real and accept the fact that if or when a cyber crisis or a ransomware attack does hit your workplace, you will be coordinating and liaising with your teammates remotely. So why not practice virtual cyber disaster response already?
Download our Cyber Crisis Tabletop Exercise Checklist today to start building your virtual incident response capabilities.
2. Relevant in the current world scenario: In the era of COVID-19, if there’s one thing we’ve all learned is that we need to know how to work remotely. Businesses that didn’t have the right infrastructure in place to allow work-from-home for their employees suffered tremendous losses at the onset of the global lock-down. But guess what, the cyber-attacks didn’t stop for them.
Cyber criminals don’t wait for anyone. In fact, if they wait for anything at all, it is your most vulnerable moments such as those created by Coronavirus for many. So, if you and your team don’t know how to coordinate for and combat a cyber crisis virtually, know that you may be at your vulnerable worst right now.
It is imperative for businesses to have a remote cyber incident response plan for the current scenario and also to have it tested on a regular basis.
In times such as these, remote testing is the only way to go and therefore, making optimum use of the extra time available for running a remote cyber tabletop exercise would be a really wise use of resources and a great way to put your business ahead of the criminals.
3. Enables global collaboration: Corona or not, it is often impossible to liaison between infosec teams across the geographies a business is operating in. And it is unlikely that when a cyber crisis does hit, action and coordination between only a few geographies will be enough.
A global business has to conduct cyber tabletop exercises that engage core team members across different locations and enable them to build a rapport and a workflow that they can apply in times of a cyber crisis.
A remote cyber tabletop exercise facilitates such coordination, relationship building and rehearsal of global cyber incident response plans. Now is the best time to conduct such virtual tabletop exercises as everyone is settled and adjusted into their remote working lives and are comfortable with the online tools that are usually used for these workshops.
4. Cost-effective: If you’re still planning to push your cyber tabletop exercise to a post-Corona time when you could have all important members of your cybersecurity and operations teams together in one room, think again!
First of all, nobody really can say when things will actually go back to normal and international aviation will open up again. But even when it does, think about the costs involved in conducting a physical tabletop exercise.
You have to get several top executives into one room, pay for their airfare, hotel costs, meals, visas, cab fare and a lot more to actually successfully conduct one cyber crisis tabletop workshop. You could save yourself all that cost and precious executive time by just conducting the cyber incident response test remotely. If that’s not motivation enough, we don’t know what is.
Cyber Management Alliance is well-equipped to cater to the remote cyber tabletop exercise requirements of organisations of every size and nature. We work with you on planning, creating scenarios, producing the scripts and artefacts and running the actual workshop. We can run a complete cyber tabletop exercise virtually using Zoom, Microsoft Teams or Google Meet (previously known as Hangout)
Importantly, we will present you a formal audit report of the exercise that provides you with important data including a cyber breach-readiness score that provides a good indication about how ready you are to respond to a specific cyber-attack scenario.