Design a Tabletop Exercise to Support Your Security Operation
Trust but verify that you are prepared for the next threat.
- Threat management has become resource intensive, requiring continuous monitoring, collection, and analysis of massive volumes of security event data.
- Security incidents are inevitable, but how they are handled is critical.
- The increasing use of sophisticated malware is making it difficult for organizations to identify the true intent behind the attack campaign.
- The incident response is often handled in an ad hoc or ineffective manner.
Our Advice
Critical Insight
- Establish communication processes and channels well in advance of a crisis. Don’t wait until a state of panic. Collaborate and share information mutually with other organizations to stay ahead of incoming threats.
- Security operations is no longer a center, but a process. The need for a physical security hub has evolved into the virtual fusion of prevention, detection, analysis, and response efforts. When all four functions operate as a unified process, your organization will be able to proactively combat changes in the threat landscape.
- You might experience a negative return on your security control investment. As technology in the industry evolves, threat actors will adopt new tools, tactics, and procedures; a tabletop exercise will help ensure teams are leveraging your security investment properly and providing relevant situational awareness to stay on top of the rapidly evolving threat landscape.
Impact and Result
Establish and design a tabletop exercise capability to support and test the efficiency of the core prevention, detection, analysis, and response functions that consist of an organization's threat intelligence, security operations, vulnerability management, and incident response functions.
Member Testimonials
After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.
10.0/10
Overall Impact
$16,549
Average $ Saved
13
Average Days Saved
Client
Experience
Impact
$ Saved
Days Saved
Corporation Of The City Of Orillia
Guided Implementation
10/10
$20,500
20
Erik was great to work with and has so much knowledge. We had a quote from a third party for a table top exercise at $15,000 cdn. This saved us eno... Read More
American Bankers Association
Guided Implementation
10/10
$12,599
5
Michele was great - very flexible with his scheduling, very hands one, knowledgeable. worst part - we aren't quite done with table tops to validat... Read More
About Info-Tech
Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.
We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.
What Is a Blueprint?
A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.
Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.
Need Extra Help?
Speak With An Analyst
Get the help you need in this 5-phase advisory process. You'll receive 11 touchpoints with our researchers, all included in your membership.
Guided Implementation 1: Plan
- Call 1: Perform a warm-up exercise.
- Call 2: Analyze your drivers, challenges, and value.
- Call 3: Prioritize needs and requirements.
Guided Implementation 2: Design
- Call 1: Review threat landscape.
- Call 2: Identify threats and tabletop topics.
- Call 3: Assess core participants and responsibilities.
- Call 4: Coordinate logistics.
Guided Implementation 3: Develop
- Call 1: Discuss the development of guides, forms, and reports.
- Call 2: Discuss the development of injects and video.
Guided Implementation 4: Conduct
- Call 1: Facilitate delivery of the mock tabletop exercise.
Guided Implementation 5: Evaluate
- Call 1: Discuss the process to implement lessons learned and recommendations to discover areas of improvement.
Contributors
Anthony Vitello, Senior Vice President Global Information Security, Citigroup
Develop and Implement a Security Incident Management Program
Build Resilience Against Ransomware Attacks
Build a Vendor Security Assessment Service
Implement Risk-Based Vulnerability Management
Design a Tabletop Exercise to Support Your Security Operation
Integrate Threat Intelligence Into Your Security Operations
Master Your Security Incident Response Communications Program
Design a Coordinated Vulnerability Disclosure Program