CCTE Checklist (1)

Free, Downloadable Checklist To Ensure Your Cyber Crisis Tabletop Exercise Is Successful At Truly Testing Your Incident Response Plans

Are you thinking of running a cyber tabletop exercise to test your existing incident response plans and procedures? 

Hosting a successful cyber crisis simulation exercise requires more than just a tabletop and notepads. You need to think about orchestrating the whole exercise, evaluate roles and responsibilities and minute details to keep the attendees engaged and make the exercise effective.

Download our Cyber Crisis Tabletop Exercise (CCTE) checklist and ensure you successfully test the efficiency of your incident response plans. 

Here’s what the checklist will help you do: 

  1. Get a clear idea of what to expect out of your Cyber Crisis Tabletop Exercise
  2. Put together the right collateral about the business for the exercise facilitator.  
  3. Identify the most relevant participants/team members for the workshop.
  4. Clarify the demands you need to make for a successful Cybersecurity Tabletop Exercise that will truly build your organisational cyber resilience against security breaches. 
  5. Build effective incident response capabilities against cyber attacks, ransomware attacks and data breaches.  

** GDPR & Privacy ** We wholeheartedly believe in your and our rights to privacy and in the GDPR. The bottom of the page explains how we use your data.

enter your details below to get your copy:

The explosion in the number of cyber threats and cyber attacks during the pandemic have reiterated one lesson for business owners across the world - their business can be the next target! 

Most security savvy organisations have ramped up their incident response efforts post 2020. They’re also investing heavily in technology solutions that can protect them from the next ransomware attack or malware infection. Advanced detection systems and threat intelligence capabilities are a great place to start. 

However, to cultivate cyber resilience over the long term, it is essential to blend advanced technology solutions with proper training and orientation of human resources. This is where Cyber Incident Planning and Response comes in. The whole idea behind this critical concept of cybersecurity is that if/when an incident occurs, the key stakeholders and decision makers in the business know what to do, whom to reach out to, how to communicate etc. 

What are tabletop exercises? 

The Cyber Incident Response Plan aims to build muscle memory for the management, business executives and IT staff. The idea is that in times of chaos, nobody should be panicking directionless with no idea about what to do.  

Sadly, however, muscle memory cannot be harnessed through plans alone. 

These incident response plans need to be tested, questioned, debated over, practised and rehearsed repeatedly to truly fulfill their purpose. After all, what good are the plans if nobody knows what’s in them. 

This is precisely why Cyber Tabletop Exercises have become so critical to effective incident response today. 

How do you run a Cyber Exercise? 

Cyber Tabletop Exercise Scenarios can range from ransomware attacks to malicious software infections. The idea is that the scenario must be very relevant to the business. 

It should be based on the compromise of one of the most critical assets of the organisation and the attack methodology should also be plausible, in relation to the business and its operational model.  

The security tabletop exercise scenario should be capable of creating a real sense of panic in the participants of the organisation. It should be so real that it forces them to think the way they would if the attack were to actually happen. 

The scenario should be built in a foolproof way, such that the exercise participants aren’t able to find any loopholes in it, thereby rendering the exercise less or even ineffective.  

For this, it is also important that the external facilitator you hire to conduct the incident response tabletop exercise for you is deeply experienced. Only a highly experienced practitioner and facilitator will be able to keep workshop participants (who may be from completely non-technical backgrounds) engaged and involved in the exercise. 

The facilitator should have the technical as well as soft skill expertise to elicit a strong response from the exercise participants. He/She should be able to recreate an environment of panic and chaos during the exercise, so that the participants delve into their personal knowledge pools and awareness of the incident response plans to make decisions and act the way they’re expected to. 

At the end of the cyber crisis tabletop exercise, the participants should have a better idea of their individual roles and responsibilities. They should also be more conversant with what’s in the cyber incident response plans and they should be aware of how they will implement the steps in the incident response plan when the time comes. 

Download our Cyber Crisis Tabletop Exercise Checklist to get a better understanding of how you can prepare for this most critical exercise in your cybersecurity resilience strategy.  


Cyber Essentials
NCSC Certified Training B&W 300px
Cyber Security Challenge

We are industry experienced practitioners when it comes to cyber security training & cyber security consultancy services

Cyber Security Training


We offer a host of courses including our NCSC Assured Training in Cyber Incident Planning and Response and our NCSC Assured Training in Building and Optimising Incident Response Playbooks.


Virtual CISO Services

Hands On, full-support 'Security As a Service', specifically designed for organisations that require access to experienced cybersecurity, governance, risk and compliance professionals.

Cyber Security Events

Virtual Cyber Assistant

A unique, affordable, subscription-based, cybersecurity service for small to medium businesses, offering 280+ services in cybersecurity.

Virtual CISO DPO

Cyber Crisis Tabletop Exercises

Scenario-based, verbally-simulated tabletop attack exercises that test your organisation's ability to effectively respond to a cyber-attack.

GDPR GAP Assessment

Ransomware Tabletop Exercise

Measure your organisation’s Ransomware Readiness with a unique blend of verbal and visual simulations and ransomware scenario walkthroughs.

Cyber Security GAP Assessment

Executive Cyber Awareness Sessions

Specially designed for executive management, CEOs and boards of directors, engaging them in a business context to help explain the threats and risks from cyber-attacks.

How we use your data:

  • Contact you about our services including, but not limited to, training, trusted advisory and consultancy.
  • Keep you posted on free resources and documents.
  • Update you on upcoming webinars and surveys.
  • Update you when we host our ground-breaking Wisdom of Crowds events.
  • Ask you, every now and then, if you want to take part in crowdsourced initiatives.
  • Our partners (we carefully select our partners) may contact you to arrange or demo or share more information with you about their products or services when you watch one of our sponsored webinars. Remember, you can always tell us or our partners, "No, not interested".

 Download the Remote Working Cybersecurity Checklist

A free guide on how to work securely while away from office.