Critical Communications, Critical Event Management, Cybersecurity

Four Reasons to Run a Tabletop Exercise This Cybersecurity Awareness Month

By Shannon Gallo

By: PreparedEx and OnSolve

This Cybersecurity Awareness Month, it's important to think about how you can best protect your company from cyberattacks. One of the most effective ways is by running a tabletop exercise with your team. A tabletop exercise will allow you and your team to identify potential vulnerabilities in advance and come up with solutions together before they happen.

In this post, we'll discuss four reasons why you should run a tabletop exercise right now:

1.  It's an efficient way for teams to brainstorm cybersecurity strategies.

Team members should work together to prioritize and brainstorm the organization's cybersecurity response strategies. Strategy development is a collaborative process that encourages critical thinking. Taking time out of your schedule for this kind of tabletop exercise will allow you and your team the chance to practice how you would solve a real-life cybersecurity incident.

The more time you spend coming up with different strategies, the better prepared your organization will be down the road.

2.  It builds competency within the crisis and incident management teams.

The tabletop exercise will also allow the incident management team to practice their crisis management skills. In a real-life cyberattack situation, it is important that each member of your organization knows what to do and how they can contribute most effectively. By using this simulation as an opportunity for practice, you'll build competency within your teams so everyone feels confident in their ability to respond. Key objectives of your cybersecurity exercise should include:

  • Practicing the team activations process
  • Validating crisis/incident management roles and responsibilities
  • Understanding stakeholder relationships
  • Validating the cyber crisis communications strategy

3.  It improves readiness throughout the organization.

In addition to building competency within the crisis and incident management teams, a tabletop exercise is also an opportunity for your entire organization to practice how it will respond when faced with a cybersecurity threat.

Every member of your team should be aware that they have a role in protecting their company from cybersecurity threats. This tabletop exercise can serve as a reminder of the importance everyone has in staying protected.

4.  It gives the organization an opportunity to stress test existing technologies.

Oftentimes, tech stacks are purchased to work in unison and talk to each other to create efficiencies. For example, integrating conference bridging into your critical communications solution to better manage an incident. These tools are usually leveraged in a standalone state. During a test or exercise, it’s a perfect time to ensure integrations, APIs, and all functions are working properly. You don’t want to wait for a real-life event to learn that your tech stack is broken.

Next Steps

Cybersecurity Awareness Month is an excellent time to run your tabletop exercise so that you are prepared for any cyberattack situation, no matter when it may occur. This year's theme (#CyberAware) should serve as inspiration to be vigilant about cybersecurity through the remainder of 2021 and beyond.

Not sure where to start? Looking for ways to make your simulation exercises more effective? Join us on October 13 for  Cyber Fall: A Simulation Exercise live webinar to walk through an example of what an engaging and impactful tabletop exercise looks like.

Be sure to check out these related resources from OnSolve and PreparedEx:

PreparedEx Resource: FREE eBook - The Ultimate Guide to Crisis Management Tabletop Exercises

PreparedEx Resource: The Principles of Simulation Exercises Training Course

OnSolve Resource: The Role of Crisis Communication in Business Continuity and Disaster Recovery