top of page

Table Top Days

IncidentIQ specializes in facilitating comprehensive incident response table top exercises designed to enhance organizations' preparedness in handling cyber security attacks or breaches.

​

These exercises simulate various scenarios to test the effectiveness of the organization's incident response plans and procedures.

​

By engaging in realistic simulations, IncidentIQ assists organizations in identifying strengths and weaknesses in their incident response capabilities, ultimately bolstering their resilience against potential cyber threats.

cyber security table tops day_edited.jpg

In-Person Exercises

​

Conducted onsite at the client's premises, in-person tabletop exercises allow for face-to-face interaction and collaboration among participants.

 

This format provides a hands-on experience and fosters teamwork as participants navigate through simulated cyber incidents together.

Remote Exercises

Leveraging virtual collaboration tools, remote table top exercises enable participation from dispersed teams, making them ideal for organizations with geographically distributed workforce or those preferring remote engagements.

​

 

IncidentIQ facilitates seamless remote exercises, ensuring effective communication and engagement among participants regardless of their location.

Cyber Security Scenario.jpg
 The Scenarios

  • Ransomware Attack: Simulating a ransomware attack to assess the client's ability to detect, contain, and mitigate the impact of such an incident. This scenario evaluates the effectiveness of the client's incident response processes and their capability to restore affected systems and data.

 

  • Data Breach: Emulating a data breach scenario to evaluate the client's response in handling the unauthorized access or exposure of sensitive information. This exercise assesses the client's incident containment measures, breach notification procedures, and compliance with data protection regulations.

 

  • Distributed Denial of Service (DDoS) Attack: Simulating a DDoS attack to test the client's ability to mitigate the impact of a sudden surge in malicious traffic targeting their network infrastructure. This scenario assesses the client's network resilience, communication strategies during service disruption, and coordination with internet service providers (ISPs) or third-party mitigation services.

 

  • Insider Threat Incident: Replicating an insider threat scenario to evaluate the client's response to malicious activities conducted by internal personnel with privileged access. This exercise assesses the client's insider threat detection capabilities, incident escalation procedures, and collaboration between security and human resources teams.

​

​

*Bespoke Scenarios can be developed ahead of an engagement. 

Key Objectives

  • Assessment of Current Processes: Evaluate the client's existing incident response processes, procedures, and protocols across various cyber incident scenarios.

 

  • Incident Control and Management: Provide guidance on effectively controlling and managing cyber incidents to minimize their impact on the organization's operations and reputation.​

 

Real Benefits

  • Performance Under Pressure: Assess the client's ability to perform under pressure and make informed decisions during high-stress cyber incidents.

 

  • Enhanced Collaboration: Foster collaboration and coordination between resolver groups, including IT, security, legal, and executive teams, to ensure a cohesive response to cyber threats.

The Output

Following each table top exercise, IncidentIQ will prepare a detailed summary report documenting the exercise objectives, scenario details, participant actions, observations, and key findings.

​

The report will include an analysis of the client's incident response performance, recommendations for enhancements, and actionable insights to strengthen their overall incident response capability.

cyber security table tops day_edited.jpg

Recommendations & Action Plan

Based on the findings from the tabletop exercises, IncidentIQ will provide actionable recommendations and an action plan to address identified gaps and improve the client's incident response readiness.

 

Recommendations may include updates to incident response plans, improvements in communication protocols, enhancements to technical controls, and training for personnel.

Post Exercise Consulatation

IncidentIQ will schedule a post-exercise consultation with the client to discuss the findings, recommendations, and action plan resulting from the table top exercises.

 

Our team will collaborate with the client to ensure a clear understanding of the recommended improvements and provide guidance on implementing the action plan effectively.

Table Top Time Line 

Example Day Agenda

Session 01 

9:00 am - 9:15 am: Welcome and Introduction

9:15 am - 9:45 am: Scenario 1 - Phishing Attack

9:45 am - 10:15 am: Discussion and Decision-Making for Scenario 1

10:15 am - 10:30 am: Break

Session 03

1:00 pm - 1:30 pm: Discussion and Decision-Making for Scenario 3

1:30 pm - 2:15 pm: Scenario 4 - Distributed Denial of Service (DDoS) Attack

2:15 pm - 2:45 pm: Discussion and Decision-Making for Scenario 4

2:45pm - 3:00pm: Break

Session 02

10:30 am - 11:00 am: Scenario 2 - Ransomware Attack

11:00 am - 11:30 am: Discussion and Decision-Making for Scenario 2

11:30 am - 12:30 pm: Scenario 3 - Business Email Compromise (BEC)

​12:30 pm - 1:00 pm: Lunch Break

Session 04

2:45 pm - 3:30 pm: Debrief and Lessons Learned

3:30 pm - 4:00 pm: Action Items, Next Steps, and Closing Remarks

4:00 pm to 4:30 pm: Q&A, Feedback & Close. 

​

IncidentIQ LTD

Company Number: 15617795

York, United Kingdom

​

© 2024 IncidentIQ LTD. All rights reserved.

Interested in preparing your Organisation?

Thank you, a member of the team will be in contact soon!

Terms and Conditions

Privacy Policy

Cookie Policy

bottom of page