We will be having an upcoming tabletop scenario ("war games") for Cyber-Security. Are there any specific scenarios any of you have used that you've found particularly useful? Any ways you've structured or executed these scenarios to amplify the value?
Sort By:
Oldest
CISO/CPO & Adjunct Law Professor in Finance (non-banking)7 months ago
CISA has a solid set of exercises and tools, for free, that should help with incident response maturity.https://www.cisa.gov/resources-tools/services/cisa-tabletop-exercise-packages
Ensure you customize the scenario to your organization; it will be more realistic and fulfill the exercise’s goal.
Take the exercise seriously and be brutally honest about the results. Don’t brush off issues saying” if it was real, we’d have done much better.”
If necessary, exclude people from the exercise who will hamper an open and forthright evaluation. Also ensure you have the key people who will actually be handling the issue (as opposed to a designee to represent a department).
Ransomware Containment: Create a scenario where critical systems are hit with ransomware, challenging the team to contain the breach and initiate recovery procedures. This drills the importance of backup systems, quick containment measures, and business continuity planning under pressure.
Insider Threat Simulation: Pose a situation where an insider maliciously accesses and exfiltrates sensitive data. This scenario helps the team refine strategies for monitoring internal activities, managing access controls, and incident investigation techniques.