The guide is a resource for leaders as they help organizations mitigate cyber threats and strengthen incident response capabilities.
A new guide, Cyber Resilience: Incident Response Tabletop Exercises 2023, was written for C-suite executives, in-house counsel, and incident response teams to help their organizations mitigate cyber threats and strengthen their incident response capabilities.
Cyber Resilience: Incident Response Tabletop Exercises 2023, written by ArmorText and the international law firm of Crowell and Moring, explains what these exercises are, why they are valuable for organizations to conduct, and outlines three cybersecurity scenarios modeled after real-world events. The guide provides exercise planners and facilitators an innovative toolkit to lead their teams through their tabletop exercises, including topics related to incident response, business continuity concerns, legal risk, and post-incident obligations. Scenario themes include:
- When disaster strikes: A ransomware attack occurs and a demand is coming.
- Staying alive: Threat actors access privileged credentials and may still be in company systems.
- Rogue executive: Potential loss of sensitive information upon an executive’s departure.
The guide also highlights the increased emphasis on the role the C-suite, senior leadership, security personnel, and the board play in overseeing cybersecurity, and, in particular, incident response preparedness. Recent federal and state cybersecurity-focused regulatory changes, as well as new requirements for government contractors, underscore the increasing pressure executives face as they ensure that their organizations’ incident response capabilities are effective and timely, as well as comply with the evolving regulatory landscape. Government agencies, including Department of Defense, Securities and Exchange Commission, Federal Energy Regulatory Commission, New York State Dept. of Financial Services, and Cybersecurity and Infrastructure Security Agency, have all announced new rules or requirements in recent years that have a direct impact on corporate cybersecurity.
The guide is available to the public. It is intended to be an adaptable resource that allows exercise planning and facilitation teams to tailor their content to their organizations’ respective needs.
ArmorText and Crowell will also host a webinar, “Cyber Resilience: Conducting an Incident Response Tabletop Exercise,” that will explore how to use the guide’s modules and run a tabletop dynamically on Tuesday, Nov. 7, 2023 at 1 p.m. ET. The webinar will walk executives through facilitating a tabletop exercise, step by step, and provide practical insights along the way.