// THREAT DETECTION AND DATA PRIVACY TERM

Tabletop Exercise

A tabletop exercise is a discussion-based training session where key personnel talk through their organization's response to a simulated emergency, such as a cyberattack or data breach. It helps them identify gaps in plans and improve coordination without impacting actual systems.

TECHNICAL DEFINITION

A tabletop exercise (TTX) is a discussion-based incident response simulation designed to verbally walk key organizational stakeholders and incident management teams through a hypothetical cybersecurity incident scenario, such as a ransomware attack or data breach, to evaluate existing incident response plans, communication protocols, roles, and decision-making processes.

BACKGROUND

Civil defense in Taiwan traces its modern roots to the Japanese colonial period and has recently seen a resurgence due to the increasing threat from China following the Russian invasion of Ukraine. Taiwan has a large network of air raid shelters. In the modern era civil defense includes both governmental and non-governmental organizations. Prominent non-governmental organizations include Kuma Academy and the Forward Alliance. In addition, recent years have seen the creation of numerous local organizations such as Taiwan Hemlock Defense (台灣鐵杉民防), Taiwan Militia Association (台灣民團協會)or Academia Formosana. Watchout has also been instrumental in the introduction of civil defense manuals from other countries.

READ MORE ON WIKIPEDIA

SYNONYMS & ALIASES

  • TTX
  • Cyber crisis simulation
  • Incident response discussion
  • Scenario walk-through
  • Emergency preparedness discussion

USAGE NOTE

These exercises are crucial for validating incident response plans, identifying weaknesses, and fostering team communication before a real-world cyber event occurs.

DEVELOPERS

Organizations developing technology related to Tabletop Exercise.

  • Cyberbit

    Cyberbit provides a hyper-realistic cyber range platform that allows organizations to conduct live-fire incident response drills and simulations, serving as an advanced form of tabletop exercise technology.

  • SimSpace

    SimSpace offers a scalable cyber range platform designed for realistic training and exercises, enabling teams to practice incident response and cyber defense scenarios that complement and enhance traditional tabletop exercises.

  • RangeForce

    RangeForce provides a cloud-based cyber range platform with hands-on training modules, including those for incident response, which can be integrated into or used as preparation for interactive tabletop exercises.

  • Cyborg Security

    Cyborg Security offers an Incident Response Playbook Platform that helps organizations build, manage, and operationalize incident response playbooks, which are crucial technological assets for preparing and executing effective tabletop exercises.

  • Mandiant (Google Cloud Security)

    Mandiant, now part of Google Cloud Security, provides advanced incident response readiness services, including the development and utilization of technology and frameworks to conduct sophisticated tabletop exercises for cyber defense.

  • Booz Allen Hamilton

    Booz Allen Hamilton develops and employs advanced simulation and training technologies for government and defense clients, supporting complex cybersecurity tabletop exercises and incident response planning.

  • AttackIQ

    AttackIQ provides a Breach and Attack Simulation (BAS) platform that continuously validates security controls and informs organizations about their true security posture, offering data and scenarios that significantly enhance the relevance and effectiveness of tabletop exercises.

RELATED TERMS IN INCIDENT RESPONSE