In a world where the cyber threat is constantly changing and evolving, there is a need for organisations to monitor and assess how their systems can remain resilient. A very useful exercise that many organisations fail to conduct is a Cyber Tabletop workshop, a walkthrough exercise of their cyber security posture and response capability.
What is a Cyber Tabletop?
The Cyber Tabletop is a short, focussed event that encourages key stakeholders to take accountability and responsibility for security, and understand where the main cyber risks are in the organisation. The output from these events can help shape future security activities, at Senior Management Level and with the security team.
The workshop reflects that everyone in the organisation has an input to provide, and in fact it is important to understand not just the technical, procedural, and human vulnerabilities but also the organisational and business impacts.
The organisation should also involve a range of business leads, system owners, and security Subject Matter Experts (SMEs) to fully understand the associated business impacts, the scale of vulnerability, and hence the risk to the organisation.
Why are these exercises important?
These workshops are important because:
- They provide the mechanism for the organisation to collectively understand their business risk and the associated impact, should systems or assets be denied or disrupted through an attack.
- The workshop will identify the likely access vectors that an attacker may seek to leverage to gain access to the network or organisation, and the likely effects that the attacker may seek to achieve.
- Outcomes from the workshop will include how the organisation can improve cyber defences, confirm which policies are fit for purpose, and where improvements need to be made.
- Attendees at the workshop will benefit from improved cyber security awareness, particularly if they come from a Business Function as opposed to a security background.
How can you achieve maximum value?
The workshop is socio-technical, drawing on the fact that cyber is multidisciplinary and crosses People, Processes, and Technology (a successful cyber-attack may not start with, or solely focus on, a technical vulnerability).
The workshop achieves its full potential when supported by a wide range of stakeholders including, but not limited to, senior leadership, business function leads, and cyber security SMEs. It is paramount to understand that all attendees, regardless of their background, will have something to add.
- The workshop should combine both attacking (Red) and defending (Blue) team perspectives in order to understand how an attacker may wish to target the organisation, but also to identify what security controls or mitigations should be put in place.
- Cyber SMEs will understand the exposure of any vulnerabilities, how they could be exploited, and what controls should be introduced to reduce the likelihood of a successful attack.
- Business function leads will understand the impact should a system or capability be disrupted and what mitigations can be introduced to lower the impact should an attack be successful.
- Senior leadership should be fully engaged with the workshop so that they can understand the business implications of a cyber-attack on the organisation. Understanding this will allow them to factor security into their decision making. Senior leadership will have the pan-organisation view of risk and, through governance, can enable appropriate remediation activities to be conducted.
Depending on the scope of the workshop, or even series of workshops, a review of the organisation’s Business Continuity Management Plan (BCMP), Incident Response Plan, and Disaster Recovery Plan can be conducted to ensure that these fully meet the requirements of the organisation and cover each of the critical business areas.
How can Logiq Help?
Logiq has extensive experience in conducting Cyber Tabletops for a wide variety of organisations in multiple sectors and can help your organisation better understand its cyber posture.
If you want to understand more about Cyber Tabletops, require further advice, or want to see how we can support your organisation, please contact Logiq to discuss your requirements.