Implementing Your First Cybersecurity Tabletop Exercise>
Jump Cloud – Kate Lake
Step One: The Incident Response Plan Tabletop Exercise Basics TTX Scope Most limited scope: technical/operational Moderate scope: logistical/tactical Most robust scope: severe breach TTX Objectives Identify strengths and weaknesses in the IRP. Identify strengths and weaknesses in staff response. Familiarize staff with the IRP and a potential threat environment. Instill muscle memory in staff that will aid in real-life incident response. TTX Procedure The IRP should define response procedures, but first-timers might consider focusing on performance in the following areas to measure response efficacy.

Roles and responsibilities Threat identification and reporting Triage Action: Containment and mitigation Technology and operations Communication flow External communication and messaging Compliance Should You Add Pressure? Itâs human nature to clam up under pressure. When stressed, people enter high-alert mode that increases focus â sometimes to the point of failing to notice new information around them â and decreases fine motor skills, working memory, and decision making skills. Simulating pressure can help team members learn how to operate under pressure and instill muscle memory for response actions that can kick in during a real incident.
Link: https://jumpcloud.com/blog/implementing-first-cybersecurity-tabletop-exercise