Hero Banner

Ransomware Tabletop Exercises

Conducting ransomware scenario based tabletop exercises to help prepare organisations to respond to ransomware attacks


Ransomware is the Top Cyber Threat Impacting Organisations

How Bad is the Scourge of Ransomware Attacks?

15 Seconds Frequency

Every 15 Seconds someone is impacted by ransomware

4000 Daily Attacks

Since 2016, over 4000 daily ransomware attacks  in USA alone!

40 Million Payout

The largest ever ransomware payout was made by an insurance company at $40 million

600 % Increased Payouts

600% increase in emails containing ransomware and other malicous files


Amar Singh, CEO - Cyber Management Alliance Ltd

“Documents that have never been read, procedures that have never been practiced, checklists that have never been verified are as useful and functional as having a brand-new mobile phone with no charging cable or power adaptor.” 

Why You Should Conduct Ransomware Tabletop Sessions

Be Better Prepared

We ensure our ransomware tabletop exercise scenarios are  relevant and contextual to the organisation thus keeping the threats on top-of-mind and gradually increasing overall preparedness.  

Builds Muscle Memory

One of our objectives when we conduct ransomware tabletop exercises is to present tangible response questions to the attendees. This approach helps build subconscious muscle memory.

Increases Collaboration

We typically ask that people from different departments or business units attend the ransomware tabletop session as it helps increase interdepartmental collaboration and interaction.

Our Approach to Ransomware Tabletop Exercise Scenarios

The Ransomware Tabletop Exercise Template designed and run by us is a unique blend of verbal and visual simulations organised as a combination of ransomware scenario walkthroughs and engaging and practical exercises.

  • Fact Finding: We start with gathering as much information about your business, its stakeholders and its critical assets as possible.

  • Scenario Planning: After assessing the inputs we move on to planning and outlining the scenario and follow that up with a dry-run with you. 

  • Ransomware Tabletop Exercise Template: During the tabletop exercise, we facilitate the workshop and monitor the pace and substance of the discussions.

  • Engaging & Interactive: Conducted in a highly engaging and interactive format, our Ransomware Tabletop Exercises ensure maximum participation and highly relevant output and constructive discussions.

  • Management Report: After the exercise, we produce an objective  analysis of the exercise and provide a formal maturity score of your ransomware preparedness. (Maturity score is optional)

The image on the right describes, step-by-step, how we approach our ransomware tabletop workshops.

We are a UK Government Crown Commercial Service Supplier (G-Cloud 12) and the Cyber Crisis Tabletop exercise is listed on Gov.uk Digital Marketplace.

CCTE Our Approach
Organisations Trust Our Ransomware Tabletop Exercise Templates

Benefits of Running a Ransomware Tabletop Exercise with Cyber Management Alliance

Professionally Conducted to Produce Results

Our detailed planning and professional approach produces the desired results - that of ensuring the business is prepared to deal with ransomware attacks. 

Be Compliant with Regulations on Tabletop Exercises

Clients can opt to receive a formal scoring for the ranswomare tabletop exercise and demonstrate compliance to regulations and auditors.

Validate and Improve your Ransomware Response Plans

Our attention to detail and comprehensive preparation will help you validate and improve your ransomware response plans and ensure they are effective and fit-for-purpose.

Non-Disruptive & Zero-Risk Way to Gauge the Impact of your Decisions

Safely evaluate your ransomware plans, review your critical decisions and gauge the impact on your critical systems and clients. 

Enhanced Awareness of Ransomware Response Plans

Our aim is to produce realistic and relevant ransomware scenarios, engage the stakeholders, improve their learning, thus increasing retention of key response actions and stakeholder responsibility.

Formal Report with Tangible Recommendations

After the tabletop exercise, you receive a formal executive summary and report that contains a high level analysis of existing processes, procedures and their effectiveness. 

We offer both management-focused and technical tabletop exercises and recommend the following participants for both audiences:


  • Staff responsible for making critical decisions.
  • Staff who are either heads of their function and or fully understand how the department operates.
  • For management exercises, there must be representation from all functions like PR, communications, legal, HR, sales, and marketing, to name a few.
  • Technical staff who know the systems and processes.
  • If relevant, representatives from key service providers

Why Cyber Management Alliance ?

We are one of the world’s leading independent cyber incident & crisis management authorities offering advisory services, executive training, and bespoke workshops in all aspects of cyber crisis management, incident planning, incident-response testing and tabletop exercises. 

We are the creators of the internationally acclaimed UK-Government’s NCSC-Certified,  Cyber Incident Planning and Response (CIPR) course and have trained attendees from organisations including the United Nations, UK Ministry of Defence, several UK Police Forces, NHS Trusts, European Central Bank, Swiss National Bank, Microsoft, Ernst and Young and many others.


All trademarks, service marks, trade names, product names, service names and logos appearing on the site, or on printed or digital material are the property of their respective owners, including in Cyber Management Alliance Ltd. Any rights not expressly granted herein are reserved.

Jenny Kray
“We selected Cyber Management Alliance to conduct a non-technical, scenario-based, cyberattack tabletop exercise for members of our senior management. The session and scenarios were relevant to our business and the ransomware tabletop exercise was conducted in a deeply engaging and conducive manner and the session met our objectives.”
Jenny Kray
Chief Financial Officer, Ashling Partners
Kanoksak Keekarjai
"The sessions and scenarios were relevant to our business and the tabletop ransomware exercises were conducted in a deeply engaging manner. The ransomware communication response templates were comprehensive and completely relevant to our business context and the accompanying communication plan was fit-for-purpose."
Kanoksak Keekarjai
Head of Global Security, Risk and IT Compliance, SIG Global

Ransomware and Executive Bespoke Scenario Tabletop Pricing

Ransomware Tabletop Exercise


For both Executives and Senior Leadership teams

A focus on your business relevant challenges

Verbal simulation of a Ransomware cyber attack

Focus on the real threats of a Ransomware attack on your organisation

Estimated duration 60 - 120 mins

Executive Tabletop Exercise


Detailed planning for a bespoke cyber attack

Management discussion & review of their actions & decisions

Realistic business-impacting scenario

Verbal simulation of the cyber-crisis scenario

Estimated duration 60 - 120 mins

Frequently Asked Questions about our Ransomware Tabletop Exercises Template

What is the right audience for a Ransomware Tabletop Exercise?

We conduct Ransomware Tabletop sessions for three different types of audiences. Technical teams, management and senior executives. We also conduct these sessions for board members.

What is the duration of a Ransomware Tabletop exercise?

Depends on the audience and number of participants. Technical tabletop sessions can last up to three hours. For senior executives and management a Ransomware Tabletop exercise can last between 45 - 90 minutes.

Do you conduct physical & virtual tabletop sessions?

We conduct both physical and virtual ransomware tabletop sessions. Professionally, we recommend that tabletop sessions are held virtually or remotely as a remote session best imitates reality. Most incidents strike when staff are not necessarily in one location.

Ransomware and regular tabletop exercise. What's the difference?

In a regular Cyber Crisis Tabletop Exercise (CCTE), we explore all cyber threats that can impact your organisation.  In a Ransomware Tabletop Exercise, we lay exclusive focus on the ransomware threat and the impact it can have on your organisation. 
Ransomware Tabletop Exercises from as little as £995 or $1195

Ransomware Tabletop Exercises and Ransomware Assessments

Why not find out more about our Ransomware Tabletop Exercises and Ransomware assessments? Book a no-obligation discovery call with one of our consultants. 

Let us show you why our clients trust us and love working with us.

We provide support on cybersecurity strategy, policies, incident response, gap assessments, SIEM assessments, GDPR, Cyber Crisis Tabletop Exercises, Breach Readiness Assessments, and more. Speak to us to find out how we can assist.