#172 - Table Top Exercises

This episode of CISO Tradecraft, hosted by G Mark Hardy, delves into the concept, significance, and implementation of tabletop exercises in improving organizational security posture. Tabletop exercises are described as invaluable, informal training sessions that simulate hypothetical situations allowing teams to discuss and plan responses, thereby refining incident response plans and protocols. The podcast covers the advantages of conducting these exercises, highlighting their cost-effectiveness and the crucial role they play in crisis preparation and response. It also discusses various aspects of preparing for and executing a successful tabletop exercise, including setting objectives, selecting participants, creating scenarios, and the importance of a follow-up. Additionally, the episode touches on compliance aspects related to SOC 2 and the use of tabletop exercises to expose and address potential organizational weaknesses. The overall message underscores the importance of these exercises in preparing cybersecurity teams for real-world incidents. Outline & References: https://docs.google.com/document/d/13Qj4MOjPxWz9mhQCDQNBtoQwrXdTeIEf Transcripts: https://docs.google.com/document/d/1yfmZALQfkhQCMfp9ao3151P9L2XcEXFm/ Chapters 00:00 Introduction 00:47 The Importance of Tabletop Exercises 01:53 The Benefits of Tabletop Exercises 03:06 How to Implement Tabletop Exercises 05:30 The Role of Tabletop Exercises in Compliance 08:24 The Participants in Tabletop Exercises 09:25 The Preparation for Tabletop Exercises 16:57 The Execution of Tabletop Exercises 21:58 Understanding Roles and Responsibilities in an Exercise 22:17 The Importance of a Hot Wash Up 23:36 Creating an After Action Report (AAR) 24:06 Implementing an Action Plan 24:34 Example Scenario: Network Administrator's Mistake 25:08 Formulating Targeted Questions for the Scenario 26:36 The Role of Innovation in Tabletop Exercises 27:11 The Connection Between Tabletop Exercises and Compliance 29:18 12 Key Steps to a Successful Exercise 30:43 The Importance of Realistic Scenarios 34:05 The Role of Communication in Crisis Management 37:33 The Impact of Cyber Attacks on Operations 39:57 The Importance of Tabletop Exercises and How to Get Started 40:35 Conclusion