Showtime, A-Holes: A Tabletop Exercise Overview

“Showtime, A-holes!” ~ Star-Lord, Guardians of the Galaxy 2

Honestly, I couldn’t think of a better way to start this article than using one of my favorite Star-Lord quotes (F.Y.I. it’s also the title of an original score for the movie Guardians of the Galaxy by Tyler Bates), and I also find it considerably fitting given the content discussed here.

So, what are we discussing? Well, “Mr. Blue Sky” (Electric Light Orchestra), we will be talking about tabletop exercises. What’s a tabletop exercise?

Come A Little Bit Closer” (Jay & The Americans), and we can dive deeper into this. A tabletop exercise is a security training event revolving around a security incident. The goal of the activity is to have a plan of action should a security incident occur. Mostly, the goal is to break “The Chain” (Fleetwood Mac) of panic that arises from not being prepared. Think fire drills.

Ok, let’s play!

Before we can “Bring It on Home to Me” (Sam Cooke), we should discuss the rules of the game and what’s needed to play. The first thing we need to talk about is the type of event you will be considering. Is it a ransomware event? Is it data theft? Is it a physical security breach?

If you are having problems trying to decide which event to choose, start with a ransomware event (this is something that most individuals would have least heard of) then from there, you can move into the category, “what is the worst thing that could happen?”

Once you have selected the type of event, choose the people who will be participating. Are they system administrators? Seasoned security professionals? Executives? HR? Legal? Marketing? The experience level of the individual dictates the (Read more...)

*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Chris Stephen. Read the original post at: