About Our Cybersecurity Tabletop Practice

Our Cybersecurity Tabletop practice works closely with companies, big and small, to deliver custom cybersecurity tabletops that mirror the organization’s business environment, regulatory obligations, IT infrastructure, corporate culture, and compliance requirements. Our offering is unique in that the cybersecurity tabletop delivered is unique because a one-size-fits-all type of cybersecurity tabletop simply does not work. The Cybersecurity Tabletop team creates custom cybersecurity tabletop scenarios that are not only are engaging but identify gaps in organizations’ existing compliance and regulatory obligations, cybersecurity posture, cybersecurity insurance, and cybersecurity training.

The Cybersecurity Tabletop team is frequently brought in to verify and validate the maturity of a cybersecurity program for the board, identify gaps and risks in a cybersecurity program that may significantly impact on organizations if left unattended to, and test cybersecurity and incident response plans at all levels of an organization. The team can achieve this because we leverage Tabletop.ai, which is our patent pending comprehensive enterprise platform for cyber risk management and prevention. Our team, by using tabletop.ai, can improve clients’ regulatory, compliance, and legal cybersecurity posture before an incident happens.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Custom Tabletop Scenarios

  • Create tailored cybersecurity tabletops specific to an organization’s existing cybersecurity program and systems, IT hardware and systems, culture and corporate structure, and regulatory and compliance obligations. Custom tabletops also provide the following benefits to an organization:
    • Identify areas the organization can improve to speed up the response time to an incident,
    • Provide an opportunity to gain experience dealing with the problems a breach could bring,
    • Offer an organization the ability to evaluate its overall incident preparedness by creating benchmarks to work against every year,
    • Deliver an objective review of the cybersecurity program and identify gaps and deficiencies in an organizations’ Incident Response plan.
Cybersecurity Tabletop
Cybersecurity Tabletop

Generic Tabletop Scenarios

  • Develop interactive in-person tabletop sessions harness the knowledge of the critical divisions in the organization that would typically be tasked with managing an incident, to create a comprehensive mitigation strategy, to raise awareness around potential risks, and encourage collaboration.
  • Provide clients tabletop scenarios that allow senior leadership greater peace of mind, knowing that your team is well prepared and will be able to handle a crisis efficiently when it occurs, prepare your team and provide them the tools they need to handle an incident, speeding up the response time to an incident by providing your team an opportunity to gain experience dealing with the problems a breach could bring, ahead of time, evaluate your organization’s overall incident preparedness by creating a benchmark to work against on a yearly basis, identify deficiencies in your organizations’ Incident Response plan – from technical issues, to escalation procedures, policies, and more.
Cybersecurity Tabletop

Deliver and Administer Tabletop Scenarios

  • Collaborate with cybersecurity, legal, audit, business, and other stakeholders to conduct tabletop scenarios. Our Cybersecurity Tabletops Practice leverages an integrated team of technologists, sociologists, lawyers, risk managers, and subject matter experts to conduct tabletop.
  • Deliver tabletop scenarios for organizations that can be tailored to specific employees participating at the tabletop ranging from Board members to the new hire in the compliance department to the plant manager at a steel plant.
  • Ensure that the tabletop is administered by a seasoned veteran that has conducted dozens of tabletops along with a scribe and other subject matter experts as appropriate.

Remediation Identified During Cybersecurity Tabletop

  • Work with organizations cybersecurity, compliance, legal, and technology stakeholders to create risk register and gaps that are identified in connection with the tabletops.
  • Collaborate with big and small organizations to execute upon the mitigation strategy in order to speed up their organization’s effectiveness and response time to managing an incident.
Cybersecurity Tabletop

Case Studies by Industry

Industry/Sector: Transportation

Type of Service: Create, Deliver, and Execute Tabletop Engagement

Description: Retained by a multibillion-dollar company to create and execute cybersecurity tabletops for the parent company and 42 affiliates all over North America with very positive results. Efforts included:

    • Created scenarios that present enough to make it appear as a real incident rather than a made-up one.
    • Delivered scenarios that enabled the organization’s team to discover gaps and issues with the existing cybersecurity program.
    • Facilitated a discussion with participants around their roles and responses while testing the organization’s understanding of their incident response roles.
    • Delivered an executive briefing on lessons learned from the exercises.
    • Provided a memo detailing the findings from the tabletop, various gaps in the organization’s existing cybersecurity program, a roadmap for addressing these gaps, and recommendations for improving detection, response, containment, and remediation.
331+ Enterprise Tabletops


89+ Tabletop Reports


30+ Years of

collective experience

1000’s of Senior Management

individuals tested

131+ Post Tabletop

game plans established

Dozens of Government Organizations

consulted and assessed

Cybersecurity Tabletop Practice Edge

Cyber Insurance for Law Firms: Understanding the Cyber Risk Policy and Key Considerations for Law Firm Policy Holders


Annual Review of Regulations of Bitcoin and Blockchain in the United States and Abroad

Competitive fees


Review of Alternative Dispute Resolution Case Law in 2018

Quality Control