Use these scenarios as the basis for tabletop exercises. %%EOF
Cyber Tabletop Exercises& Lessons Learned David Dumas, CISSP, CISM david.dumas@verizon.com ISSA New England Chapter Board Member ISSA Distinguished Fellow February 18, 2014. They're designed to expose weaknesses in organizational structures and to make sure that people actually follow protocols and best practices that seem like they're in the realm of theory most of the time. . fOsjG*!:I4MRO. egin the exercise by reading out the main points of the scenarios presented earlier. We've been talking largely in generalities here so far. Moderate to major damage is reported for two hundred . The first question to ask yourself is whether a tabletop exercise is appropriate for your organization. hurricane scenario. Ahead of full-scale exercises, local businesses, law enforcement agencies, and news organizations are typically notified and often given roles to play as well. Consider leveraging a modern emergency communication solution with event pages to simulate a communication exercise during the tabletop. opening remarks. LockA locked padlock 3 0 obj
PK ! . |t!9rL'~20(H[s=D[:b4(uHL'ebK9U!ZW{h^MhwuV};GoYDS7t}N!3yCaFr3 PK ! A fire in your business can be debilitating, and a fire evacuation plan is effective only when employees know what they need to do. 2TTTB6e\R\vjr This exercise PowerPoint presentation can be used with staff from federally qualified health centers to help them discuss continuity of operations and communications with patients, staff, and outside organizations after a fire . But how can you feel confident that your emergency operations or business continuity plans are sufficient before you need to put them into action? evaluate cyber security protocols and procedures consider to what degree. An incident response tabletop exercise is the equivalent of a cybersecurity fire drill. [y
n:kl:Q$1nH*kmF}N!VvUNf9W(L3dx8K:nJn;C5f|I PK ! They help train key personnel for any emergency by allowing you assess your protection and preparation tactics, practice your response plans, and improve your recovery capabilities in a risk-free environment. A full-scale exercise is as close to the real thing as possible. RSI has good documentation on performing an incident response tabletop exercise, which involves making sure participants know what your organization's policies are for specific types of breaches and who's responsible for what actions in response to them. Functional exercises are designed to exercise specific team members, procedures and resources (e.g. CYBER INCIDENT TABLETOP EXERCISE - . m ppt/slides/_rels/slide5.xml.relsJ0FP "bTpind8\2_nwd>]SY+ :l/mxuELh%jgIL4("Sl08@#sl\01c;bO.,V Ever thought you had better things to do with your time? PPT Fashion Flat Business General Report Template. ppt/slides/_rels/slide11.xml.relsJ0FP "bTpind8\2_nwd>]SY+ :l/mxuELh%jgIL4("Sl08@#sl\01c;bO.,V The exercise will be most successful if everyone embraces the objectives of the scenario at hand. Josh Fruhlinger is a writer and editor who lives in Los Angeles. . vzkqz7l/}?"gqQOe=l\]erOTjut A tabletop exercise, by contrast, is played out, as the name implies, around a table, with participants responding to the leader's prompts and description of a scenario with suggestions drawn from their organization's emergency plans. m ! Note that the crisis leader has the final say if there are conflicting . Tabletop exercises are used to prepare for all sorts of crises, but cybersecurity and disaster recovery are common areas of focus. Make sure your team has access to this packet ahead of time. For example, the Federal Emergency Management Agency (FEMA)which coordinates emergency response following federally declared disastersregularly uses tabletop exercises to test and validate policies, current plans, procedures, equipment, and more. facilitator. A supply-chain attack is detected. Tabletop ExerciseBomb Threat - Explosion Division for Law Enforcement, Homeland Security, and Institutional Research. endstream
endobj
startxref
Digital tactics to expose company data and . %PDF-1.6
%
Business continuity planning. . Conducting a Tabletop Exercise scenario can help train staff, raise their levels of awareness of the business continuity plan and verify their capabilities to communicate, respond and recover from various events. GF Y ppt/_rels/presentation.xml.rels ( n0-MN.k $vy ]9EcG16a(8FE Tabletop Exercise Introduction. Rodney.Roberson@fema.dhs.gov . Tabletop exercises are not limited to the cybersecurity realm; any organization that has to confront potential crises and disasters can benefit from playing one out. Tabletop Exercise Scenario Example 2: Cyber Extortion. JFIF C Prepare the ERP in accordance with the guidelines issued by SCDF. Conduct a walkthrough or orientation session to familiarize team members with the preparedness plans. Active Shooter Tabletop Exercise. They often include participation from local businesses. Planning is key to ensuring a tabletop exercise will be productive and useful for participating stakeholders. The PlexTrac blog proposes a series of basic questions you need to answer once you've decided to move forward. However, like most tools, they are a better fit for some jobs than others. [logo here]. [y
n:kl:Q$1nH*kmF}N!VvUNf9W(L3dx8K:nJn;C5f|I PK ! Tabletop exercises are great for testing plans, but if everyone involved is just improvising, that can't tell you much. Fire Evacuation Tornado Event Chemical/Hazmat Spill Active Shooter Scenario 1 It is August in Fargo, ND and most students are on summer break from the NDSU campus. 39FLpX
B!2ZJzh 9p\)llt*'f8"sQ2mjOGT*ng)*lWRZyHN+JDOU"{=
A$z8!NKpv=C@\"Q.yM9yl|8nekLB8!%(07JLa1B$>^A:v~E7MAvW
r,V=j*/6 QuToJT/ktL5-g% )*^5]my8;p.U(8r|X
= [0ko!zis$&YcGKZ!=(1%P{HZA%bTD~1-"Ei}||W
H!C=N
:t
nwo\;;{ Review and update the ERP annually. Evaluators are also often involved in developing an after-action report, which details lessons learned and recommendations for future planning, training, and exercises. After all, if the organization discovers a weakness in their defenses or problem with their processes in the course of the exercise, that can be thought of as a good thingbetter to figure that out during an exercise than a real crisis, after all. Z 2023 Alert Media, Inc. All Rights Reserved. hVMo1q)S{B*rC]! Patrol units are several minutes from arriving. Tabletop exercises. Then there's where: The obvious location, as you'd guess from the name, is sitting around the table in a conference room, but exercises could also be conducted via videoconference for distributed teams. Tabletop Exercise. 125 0 obj
<>stream
USEFULNESS OF MOCK EXERCISES FOR INCULCATING CULTURE OF PREPAREDNESS - Title: PowerPoint . . Well, such exercises are conducted to prepare us so that we can take better care of each other in times of crisis. ppt/slides/_rels/slide17.xml.relsJ0FP "bTpind8\2_nwd>]SY+ :l/mxuELh%jgIL4("Sl08@#sl\01c;bO.,V Players will respond to the given scenario. Speak up if your role confuses you or if something doesnt make sense. ppt/slides/_rels/slide18.xml.relsJ0FP "bTpind8\2_nwd>]SY+ :l/mxuELh%jgIL4("Sl08@#sl\01c;bO.,V Recommended for: Operations team, CERT members, Fire Wardens and Fire Safety Committee members. coming from the Nike outlet, #500. Powerful mobile communication tools for admins and employees. Program Overview: The Emergency Management Institute (EMI) conducts a monthly series . Contact local emergency management officials to determine if there is an opportunity to participate in a full-scale exercise within your community. This discussion is usually conducted by a trained facilitator who guides the team through multiple scenarios and determines their readiness or potential gaps in their response process. Members of the campus review and discuss the actions they would take in a particular emergency, testing their emergency plan in an informal, low-stress environment. Provide tools and guides to boost learning, finding resources that feed the needs revealed by the exercise's outcome. TAbLETop EXERCiSES . photo courtesy of noaa photo library. Only use 911 for an emergency. Let's focus for a moment on one element here: the objectives of the exercise. Ll ! In particular, junior staffers need to be given space to comment in front of management, so try to include everyone on an equal footing. Longer and more involved incident response exercises such as Hybrid or Live can run for several days. Fire Safety Warden Emergency Response Team b. uilding Owner Property Manager . m_{fhzOO%$7hcP|. Beyond providing a low-cost, low-risk, and highly effective way to assess emergency response plans in advancewell-designed tabletop exercises help individuals across the organization better understand their roles in an emergency, providing a safe space to think critically about potential scenarios that could impact normal operations. m ! 4 0 obj
Before you begin, the moderator needs to review the objectives and scope of the exercise. One important thing to keep in mind, as the State of Massachusetts's own emergency preparedness division points out, is that tabletop exercises are not meant to be a test or a competition. Review the risk assessment and program performance objectives. [y
n:kl:Q$1nH*kmF}N!VvUNf9W(L3dx8K:nJn;C5f|I PK ! ",#(7),01444'9=82. Don't fight the scenario; the scenario has been developed to . When planning a tabletop exercise, youll need to identify which stakeholders should be involved. Z Larry started by making a list of participants. Presentation Transcript. division for law enforcement, homeland security, and institutional research. Once youve put your plan to the test, look back on what went well, what went wrong, and what youd like to change for next time. Learn more about our people, values, and mission. Welcome and Introductions. 0
Z The Handbook is distributed only to those individuals specifically designated as planners. Narrative A 7.2-magnitude earthquake occurs along a fault zone approximately 50 miles from your hospital. Drills: Perfection of an individual emergency procedure (1/2 - 2 hrs to hold, 3+ days to plan). Analyst-verified relevant threat intelligence for every event. Prepare the ERP within 6 months from the commencement of the Fire Safety Amendment Act. Clarify the objectives and outcomes, determining what you hope to achieve and how you'll use the results after the exercise is over. Combining analyst-verified threat intelligence with location data for your people, facilities, and assets will help you identify incidents faster and minimize response times as you implement your plans. The National Association of Regulatory Utility Commissioners, a group that knows a little bit about the necessity of being prepared for a crisis, suggests the objectives be SMART, by which they mean: There are plenty of consultants who will be happy to lead a tabletop exercise at your organization; however, due to these exercises' informal nature, more often than not they're led by internal staff, and you almost certainly have someone who would do a fine job of leading a tabletop exercise using a guide and some solid examples.