Guest Contributor: Heather Engel, Managing Director and Cyber Strategist, Strategic Cyber Partners If your company has any type of regulatory cybersecurity requirement, chances are those requirements include a Cyber Incident Response Plan. Whether DFARS 252.204-7012 to PCI to ISO 27001, incident response is a critical piece of your compliance and risk mitigation. But when is…
In this short video, Rob Burton discusses the three things to do when planning your exercises: Set Objectives – What do you want to achieve in the exercise? What is your goal? The Exercise Participants – Based on your objectives, who is your audience? Scenario Overview – Create a story line. You should have a…
Are you responsible for designing and delivering crisis management tabletop exercises for your organization? The Ultimate Guide to Crisis Management Tabletop Exercises is an eBook written by PreparedEx that explains in detail how your organization can develop and conduct tabletop exercises that will test and improve the efficacy of its crisis plans and the functioning of its crisis…
Advantages and Disadvantage of the Tabletop Exercise I came across some information regarding the main advantages and disadvantages of tabletop exercises. I decided to expand on the list based on my experience and knowledge of conducting these types of exercises regularly. The tabletop exercise is the most common kind of training exercise conducted by corporations…
When planning your tabletop exercise, consider asking these 5 questions: 1. Why are we conducting this exercise? Is this a request from senior management or has it come down from the board? Is it a new internal or externally regulated requirement? Whatever the purpose, you should try to clearly define the reason you’re about to…
The recent COVID-19 pandemic has shown that many organizations were not prepared to respond to and manage the impacts caused by the virus. Business Continuity Plans (BCPs) were either not developed or were out of date. That’s why it’s essential that your BCP remains up-to-date and is regularly validated. In this blog we provide…
The Master Sequence of Events List (MSEL), is the primary document used to manage an exercise, to know when events are expected to occur, and to know when to insert injects (information) into the exercise. A summary version of a MSEL document can also be used to assist exercise facilitators in the monitoring and management of exercise…
During an exercise or war game there will often occur a key decision point when it becomes necessary or more time efficient to break out some of the participants into a separate smaller group, often called a “breakout group.” This small group can be very effective in obtaining a comprehensive view of a problem,…
Prior to designing your Crisis Simulation Tabletop Exercise, ensure you understand the end-to-end process that you intend to use. This can be as easy as a four step process as I describe within this short post. Step 1 – Compose Develop your exercise objectives and general exercise design (who, when, where and…
Creating a crisis management simulation exercise for your company for the first time can be a daunting task that requires time and resources. When preparing these sessions it is important to understand what resources exist to assist with the successful planning and delivery of the event. Here are three resources that might help…