It may sound like a new yoga workout for the office, but a tabletop exercise is a non-intrusive discussion where your business’s key players are presented with a hacking scenario, and they step through what would be done and who would be called to mitigate the risk.
A tabletop exercise has one primary goal: identify weaknesses. Since these are exercises and no actual hacking of systems is involved, you can rest easy while exploring just how effective your team is at defending your business from cyber threats. What you discover may surprise you.
Who should attend?
Key stakeholders in your business should attend the exercise. You should have representation from all critical areas: IT, accounting, HR, legal, etc. If your businesses has only a few employees, and you cover all of these roles, consider bringing in your IT support vendor and lawyer to discuss these topics. It will be time well spent.
How to host a tabletop exercise
Ask around, and your IT vendor, insurance carrier and bank may have ideas and suggestions. Consider researching online for some ideas. Be cautious of sales pitches, though; you want a true learning experience, not another slide deck of sales materials.
Depending on your area of business, there are different ISAC’s (Information Sharing and Analysis Centers) for a given industry. For example, there is a real estate ISAC, legal ISAC, financial ISAC – you get the idea. These centers have plenty of scenarios ready to go for you – all you have to do is schedule everyone to be there.
Be prepared to work
Bring a brand new notepad with you to the exercise. You’ll come away with several action items. This is not another meeting to just “sit in and observe.” A good tabletop is designed to make everyone think and explore how they would react given a scenario. Just remember, it is a training exercise, so attack the problem, not the scenario.
Call us – we can help
If you’re interested but unsure, please visit us in person at any one of our convenient WBT locations, online at www.wilsonbank.com or call us at 615-444-BANK (2265) and ask for me. I’d be glad to point you in the right direction.
Have another thought, tip or suggestion? Leave it in the comments below. I would love to hear from you!