Security Tabletop Consulting

Be proactive. Be prepared with tabletop exercises.

Actively engaging in ‘what if’ scenarios with experts that know what that situation will look like is invaluable. Rather than waiting for a breach or incident to occur, our clients ask us to create and facilitate security tabletop exercises.

Preparedness is essential to protecting the enterprise.  Scenario-and role-playing training help organizations evaluate their ability to respond to a series of adverse events, master situational awareness and increase team performance.

How it Works

A typical Tabletop Exercise unfolds through a series of predetermined, finely crafted scenarios:

  • Scenario creation:  Security Innovation will work with you to create contextual scenarios that address internal needs and are directly pertinent to your organization
  • Execution of scenarios: During each scenario,  participants have to navigate threats and devise defenses.  With a Security Innovation expert leading the scenarios, it is easy to adjust the conversation based on the participants’ role or skill level
  • Read-out session: At the end of the event, Security Innovation will report lessons learned and make recommendations to improve your cybersecurity posture
Once your team knows the drill, they won't fail.
  •  Builds collaboration

    Teams are tasked with creating a unified response. This free flow of communication helps break down silos and drives home the need for tight alignment.

  • Uncovers Knowledge Gaps

    Fueled by an inviting environment, participants demonstrate their capabilities in real-world scenarios crafted from a decade of our experience in the industry.  This insight helps the organization better allocate the professional development budget.

  • Contextual

    Scenarios are based on threats and situations specific to your organization, making them relatable.  Samples include:

    • Open Source Software you use reports a known vulnerability
    • Your 3rd Party Cloud Storage is compromised
    • Employee accidentally leaks PII records
    • All employee workstations are vulnerable to a zero-day vulnerability
    • A recently fired employee still has access to a company laptop
    • Ransomware encrypts your customer/HR data
    • DDOS attack stifles important site availability