Tabletop exercises identify the strengths and weaknesses in an organization’s incident response (IR) process and assist in determining staff preparedness to address a real or perceived incident. After the exercises are complete, attendees are able to express their concerns, as well as make suggestions toward improvements in the organization’s IR processes. Kivu provides additional observations and recommendations, as the staff debriefs.
During tabletop exercises, participants are presented with a cyber incident scenario that will put significant strain on the organization and its public profile. The selected scenario is intended to test the organization’s incident response processes as the incident escalates in scope and magnitude. A Kivu analyst and facilitator helps guide the discussion by asking questions designed to address the exercise’s objectives. At various points throughout the exercise, pre-scripted messages are introduced to supplement the scenario and prompt additional actions.
The goals of Kivu’s tabletop exercises include:
- Enhancing the overall confidence and capability of the client’s Incident Response team.
- Walking through an Incident Response scenario to determine how well the client’s IR plan achieves the appropriate guidance, usability and business outcome
- Identifying any gaps in processes, relationships, services and support that might undermine an effective and timely incident response capability
Tabletop exercises are an extremely effective way for an organization’s personnel to discuss the full range of issues related to an incident scenario. Led by Kivu, these exercises provide an excellent forum to examine roles and responsibilities, unearth interdependencies, and mitigate risk.