About Our Cybersecurity Tabletop Practice

Law & Forensics works closely with executive leadership teams to craft customized cybersecurity tabletops that mirror the organization’s business environment, regulatory and compliance obligations, IT infrastructure, and corporate culture. We know that each organization is unique and that a one-size-fits-all type of cybersecurity tabletop simply does not work.

Our custom-built cybersecurity tabletops not only are engaging, but they aim to identify gaps in organizations’ existing compliance and regulatory obligations, cybersecurity posture, shortcomings with cyber insurance, deficiencies with existing cyber training, and cement the organization’s cyber strategy.
Law & Forensics’ tabletops serve as a first step towards identifying risks that could potentially have a significant impact on organizations if left unattended to.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Custom Tabletop Scenarios

  • Create tailored cybersecurity tabletops that are specific to an organization’s existing cybersecurity program and systems, IT hardware and systems, culture and corporate structure, and regulatory and compliance obligations. Custom tabletops also provide the following benefits to an organization:
    • Identifying areas the organization can improve to speed up the response time to an incident,
    • Providing an opportunity to gain experience dealing with the problems a breach could bring,
    • Offering an organization the ability to evaluate its overall incident preparedness by creating benchmarks to work against on a yearly basis,
    • Delivering an objective review of the cybersecurity program and identify gaps and deficiencies in an organizations’ Incident Response plan.

Generic Tabletop Scenarios

  • Develop interactive in-person tabletop sessions harness the knowledge of the critical divisions in the organization that would typically be tasked with managing an incident, to create a comprehensive mitigation strategy, to raise awareness around potential risks, and encourage collaboration.
  • Provide clients tabletop scenarios that allow senior leadership greater peace of mind, knowing that your team is well prepared and will be able to handle a crisis efficiently when it occurs, prepare your team and provide them the tools they need to handle an incident, speeding up the response time to an incident by providing your team an opportunity to gain experience dealing with the problems a breach could bring, ahead of time, evaluate your organization’s overall incident preparedness by creating a benchmark to work against on a yearly basis, identify deficiencies in your organizations’ Incident Response plan – from technical issues, to escalation procedures, policies, and more.

Deliver and Administer Tabletop Scenarios

  • Collaborate with cybersecurity, legal, audit, business, and other stakeholders to conduct tabletop scenarios. Our Cybersecurity Tabletops Practice leverages an integrated team of technologists, sociologists, lawyers, risk managers, and subject matter experts to conduct tabletop.
  • Deliver tabletop scenarios for organizations that can be tailored to specific employees participating at the tabletop ranging from Board members to the new hire in the compliance department to the plant manager at a steel plant.
  • Ensure that the tabletop is administered by a seasoned veteran that has conducted dozens of tabletops along with a scribe and other subject matter experts as appropriate.

Remediation Identified During Cybersecurity Tabletop

  • Work with organizations cybersecurity, compliance, legal, and technology stakeholders to create risk register and gaps that are identified in connection with the tabletops.
  • Collaborate with big and small organizations to execute upon the mitigation strategy in order to speed up their organization’s effectiveness and response time to managing an incident.

Case Studies by Industry

Industry/Sector: Transportation

Type of Service: Create, Deliver, and Execute Tabletop Engagement

Description: Retained by a multibillion-dollar company to create and execute cybersecurity tabletops for the parent company and 42 affiliates all over North America with very positive results. Efforts included:

    • Creating scenarios that present enough to make it appear as a real incident rather than a made-up one.
    • Delivering scenarios in a fashion that enabled the organization team to discover gaps and issues with the existing cybersecurity program.
    • Facilitating a discussion with participants around their roles and responses while testing the organization’s understanding of their incident response roles.
    • Delivering an executive briefing on lessons learned from the exercises.
    • Providing a memo detailing the findings from the tabletop, various gaps in the existing organization’s existing cybersecurity program, and a roadmap for addressing these gaps and recommendations for improving detection, response, containment and remediation.
331+ Enterprise Tabletops


89+ Tabletop Reports


30+ Years of

collective experience

1000’s of Senior Management

individuals tested

131+ Post Tabletop

game plans established

Dozens of Government Organizations

consulted and assessed

Cybersecurity Tabletop Practice Edge


Law & Forensics Cybersecurity Tabletop practice has created, reviewed, and delivered incident response tabletop exercise scenarios for public and privacy companies all over the globe. We create customized tabletop scenarios that test some or all aspects of a company’s cybersecurity program and incident response plan, incorporating specific security controls, industry cybersecurity framework, and government guidance.

Competitive fees

Our fees structure is competitive, we offer clients success based, hourly and/or fixed fee arrangements while ensuring that each engagement is spearheaded by a knowledgeable and experienced senior team member of our team.


Our Cybersecurity Tabletop Practice has created and run tabletops all over the globe to diverse sets of companies and stakeholders and addressing complex statutory frameworks (e.g., CFATS, DFS, HIPAA, GDPR, and CCPA). that allow members of an incident response team a valuable opportunity to clarify and rehearse their roles, giving them muscle memory and confidence when responding to an actual cyber incident and highlighting areas where an organization can improve their cyber program.

Quality Control

We deliver prompt solutions and thoughtful recommendations that rigorously meet or exceed industry best practices and meet the needs of our clients.