Cybersecurity Tabletop Practice

Cybersecurity Tabletops

About Our Cybersecurity Tabletop Practice

Our Cybersecurity Tabletop practice works closely with companies, big and small, to deliver custom cybersecurity tabletops that mirror the organization’s business environment, regulatory obligations, IT infrastructure, corporate culture, and compliance requirements. Our offering is unique in that the cybersecurity tabletop delivered is unique because a one-size-fits-all type of cybersecurity tabletop simply does not work. The Cybersecurity Tabletop team creates custom cybersecurity tabletop scenarios that are not only are engaging but identify gaps in organizations’ existing compliance and regulatory obligations, cybersecurity posture, cybersecurity insurance, and cybersecurity training.

The Cybersecurity Tabletop team is frequently brought in to verify and validate the maturity of a cybersecurity program for the board, identify gaps and risks in a cybersecurity program that may significantly impact on organizations if left unattended to, and test cybersecurity and incident response plans at all levels of an organization. The team can achieve this because we leverage Tabletop.ai, which is our patent pending comprehensive enterprise platform for cyber risk management and prevention. Our team, by using tabletop.ai, can improve clients’ regulatory, compliance, and legal cybersecurity posture before an incident happens.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Custom Generic Deliver and Administer Remediation

Custom Tabletop Scenarios

Create tailored cybersecurity tabletops specific to an organization’s existing cybersecurity program and systems, IT hardware and systems, culture and corporate structure, and regulatory and compliance obligations. Custom tabletops also provide the following benefits to an organization:
- Identify areas the organization can improve to speed up the response time to an incident,
- Provide an opportunity to gain experience dealing with the problems a breach could bring,
- Offer an organization the ability to evaluate its overall incident preparedness by creating benchmarks to work against every year,
- Deliver an objective review of the cybersecurity program and identify gaps and deficiencies in an organizations’ Incident Response plan.

Generic Tabletop Scenarios

Develop interactive in-person tabletop sessions harness the knowledge of the critical divisions in the organization that would typically be tasked with managing an incident, to create a comprehensive mitigation strategy, to raise awareness around potential risks, and encourage collaboration.
Provide clients tabletop scenarios that allow senior leadership greater peace of mind, knowing that your team is well prepared and will be able to handle a crisis efficiently when it occurs, prepare your team and provide them the tools they need to handle an incident, speeding up the response time to an incident by providing your team an opportunity to gain experience dealing with the problems a breach could bring, ahead of time, evaluate your organization’s overall incident preparedness by creating a benchmark to work against on a yearly basis, identify deficiencies in your organizations’ Incident Response plan – from technical issues, to escalation procedures, policies, and more.

Deliver and Administer Tabletop Scenarios

Collaborate with cybersecurity, legal, audit, business, and other stakeholders to conduct tabletop scenarios. Our Cybersecurity Tabletops Practice leverages an integrated team of technologists, sociologists, lawyers, risk managers, and subject matter experts to conduct tabletop.
Deliver tabletop scenarios for organizations that can be tailored to specific employees participating at the tabletop ranging from Board members to the new hire in the compliance department to the plant manager at a steel plant.
Ensure that the tabletop is administered by a seasoned veteran that has conducted dozens of tabletops along with a scribe and other subject matter experts as appropriate.

Remediation Identified During Cybersecurity Tabletop

Work with organizations cybersecurity, compliance, legal, and technology stakeholders to create risk register and gaps that are identified in connection with the tabletops.
Collaborate with big and small organizations to execute upon the mitigation strategy in order to speed up their organization’s effectiveness and response time to managing an incident.

Case Studies by Industry

Transportation

Industry/Sector: Transportation

Type of Service: Create, Deliver, and Execute Tabletop Engagement

Description: Retained by a multibillion-dollar company to create and execute cybersecurity tabletops for the parent company and 42 affiliates all over North America with very positive results. Efforts included:

- Created scenarios that present enough to make it appear as a real incident rather than a made-up one.
- Delivered scenarios that enabled the organization’s team to discover gaps and issues with the existing cybersecurity program.
- Facilitated a discussion with participants around their roles and responses while testing the organization’s understanding of their incident response roles.
- Delivered an executive briefing on lessons learned from the exercises.
- Provided a memo detailing the findings from the tabletop, various gaps in the organization’s existing cybersecurity program, a roadmap for addressing these gaps, and recommendations for improving detection, response, containment, and remediation.

Insurance

Industry/Sector: Insurance

Type of Case: Patent Litigation

Description: Worked with a Fortune 500 company to gauge the organization’s de-facto compliance with internal policies, as well as federal and state regulatory frameworks and cybersecurity frameworks such as NIST, vis-a-vis custom tabletop scenarios, etc. Efforts included:

- Delivered scenarios in a fashion that enabled the organization’s team to discover gaps and issues with the existing cybersecurity program.
- Facilitated a discussion with participants around their roles and responses while testing the organization’s understanding of their incident response roles.
- Provided a memo detailing the findings from the tabletop, various gaps in the organization’s existing cybersecurity program, a roadmap for addressing these gaps, and recommendations for improving detection, response, containment, and remediation.

Government

Industry/Sector: Government

Type of Case: Misappropriation Litigation

Description: Retained by a government agency to develop and lead a series of cybersecurity tabletops that integrate with existing training programs that resulted in a measurable increase in the awareness of employees and respective incident response obligations. Efforts included:

- Created scenarios that present enough to make it appear as a real incident rather than a made-up one.
- Facilitated a discussion with participants around their roles and responses while testing the organization’s understanding of their incident response roles.
- Delivered an executive briefing on lessons learned from the exercises.

331+ Enterprise Tabletops

completed

89+ Tabletop Reports

provided

30+ Years of

collective experience

1000’s of Senior Management

individuals tested

131+ Post Tabletop

game plans established

Dozens of Government Organizations

consulted and assessed

Cybersecurity Tabletop Practice Edge

Cyber Insurance for Law Firms: Understanding the Cyber Risk Policy and Key Considerations for Law Firm Policy Holders

Capabilities

Law & Forensics Cybersecurity Tabletop practice has created, reviewed, and delivered incident response tabletop exercise scenarios for public and privacy companies all over the globe. We create customized tabletop scenarios that test some or all aspects of a company’s cybersecurity program and incident response plan, incorporating specific security controls, industry cybersecurity framework, and government guidance.

Annual Review of Regulations of Bitcoin and Blockchain in the United States and Abroad

Competitive fees

Our fees structure is competitive, we offer clients success based, hourly and/or fixed fee arrangements while ensuring that each engagement is spearheaded by a knowledgeable and experienced senior team member of our team.

Expertise

Our Cybersecurity Tabletop Practice has created and run tabletops all over the globe to diverse sets of companies and stakeholders and addressing complex statutory frameworks (e.g., CFATS, DFS, HIPAA, GDPR, and CCPA). that allow members of an incident response team a valuable opportunity to clarify and rehearse their roles, giving them muscle memory and confidence when responding to an actual cyber incident and highlighting areas where an organization can improve their cyber program.

Review of Alternative Dispute Resolution Case Law in 2018

Quality Control

We deliver prompt solutions and thoughtful recommendations that rigorously meet or exceed industry best practices and meet the needs of our clients.

Cybersecurity Tabletops

About Our Cybersecurity Tabletop Practice

Custom Tabletop Scenarios

Generic Tabletop Scenarios

Deliver and Administer Tabletop Scenarios

Remediation Identified During Cybersecurity Tabletop

Capabilities

Competitive fees

Expertise

Quality Control

Newsletter

Contact Us

CYBERSECURITY PRACTICE

EDISCOVERY PRACTICE

DIGITAL BANKING

FORENSICS PRACTICE

ARTICLES

WEBINARS

RESOURCES