Cybersecurity Tabletop Exercises cover

Cybersecurity Tabletop Exercises

From Planning to Execution
by Robert Lelewski and John Hollenberger
September 2024, 200 pp.
ISBN-13: 
9781718503823
Use coupon code PREORDER to get 25% off!

Download Chapter 1: Why Perform Tabletop Exercises? Look Inside!

Tabletop Exercises pages 6-7Tabletop Exercises pages 54-55Tabletop Exercises pages 162-163

Cybersecurity Tabletop Exercises, written by veteran security consultants Robert Lelewski and John Hollenberger, is an essential resource for cybersecurity professionals and anyone tasked with enhancing their organization’s incident response capabilities. This comprehensive guide to tabletop exercise planning and delivery offers practical insights, step-by-step instructions, and real-world examples to improve your team’s ability to prevent and respond to cyberattacks.

The book is divided into two main parts. In Part I: The Tabletop Exercise Process, you’ll learn:

  • Why you should perform tabletop exercises and what their organizational benefits are 
  • Effective planning and logistics tips, including how to gain executive sponsor support
  • How to develop realistic scenarios, injects, and storyboards
  • Facilitation techniques to ensure active participant engagement
  • Evaluation methods and follow-up activities

The example scenarios in Part II include:

  • Technical tabletops covering phishing campaigns, ransomware attacks, and zero-day vulnerabilities
  • Executive-level exercises that focus on high-impact incidents
  • Cross-functional cases such as physical security breaches, social media compromises, and insider threats

With examples tailored for various roles, you’ll discover how to transform tabletop exercises from a mere compliance requirement into a powerful strategic preparedness tool. Whether you’re new to tabletop exercises or an experienced practitioner, this book provides proven insights to strengthen your organization’s cyber incident response capabilities and overall security posture.

Author Bio 

Robert Lelewski has more than 20 years of experience in IT, cybersecurity, incident response, and risk management. He is the VP of cybersecurity strategy at Zurich Insurance’s Global Ventures and holds numerous industry certifications, including CISA, CISM, CRISC, CIPM, and CDPSE.

John Hollenberger is a seasoned cybersecurity consultant with over 16 years of experience in web and host-based vulnerability assessments, incident response, digital forensics, and data loss prevention. He is a senior security consultant of proactive services at Fortinet, with certifications that include CISSP, GCIH, GWAPT, and Security+.

Table of contents 

Acknowledgments
Introduction
Part I: The Tabletop Exercise Process
Chapter 1: Why Perform Tabletop Exercises?
Chapter 2: Planning the Tabletop Exercise
Chapter 3: The Development Process: Where the Rubber Meets the Road
Chapter 4: Facilitating a Successful Exercise
Chapter 5: Acting On What You’ve Learned: Evaluation and Next Steps
Part II: Example Scenarios
Chapter 6: Engaging a Technical Audience
Chapter 7: Engaging an Executive Audience
Chapter 8: Engaging the Business
Appendix: Reporting Templates
Index

The chapters in red are included in this Early Access PDF.

Reviews 

“This book is a great resource for anyone looking to start or enhance their cyber simulation exercise capability. The practical insights, examples and step-by-step instructions can be immediately applied, helping readers to effectively test and evaluate a team’s ability to respond to a cyber incident. Good Stuff!"
—Anthony Giandomenico, Global VP, FortiGuard Security Consulting

"A must-read for anyone involved in cybersecurity incident response. It expertly covers all aspects of conducting tabletop exercises, from scenario development to delivery to evaluation, providing practical advice and examples. Get ready to design and execute impactful tabletop exercises with the help of this book!"
—Jeffrey J. Carpenter, FIRST Incident Response Hall of Fame inductee

"Rob and John clearly guide readers on how to design and get the most value out of a tabletop exercise rather than it just being another compliance requirement. They will not steer you wrong!"
—Troy M. Bettencourt, Global Partner & Head of IBM X-Force

"Lelewski and Hollenberger offer a masterclass in cybersecurity preparedness, covering every facet of incident response planning with meticulous detail and practical insights. Their focus on engaging an executive audience is particularly noteworthy, shedding light on the critical role that C-level executives and cross-functional leaders play in managing cybersecurity incidents. Tabletop Exercises sets a new standard in the field and is essential reading for any organizations aiming to enhance their cybersecurity readiness.”
—Brian Nesgoda, CIO/CISO, Black Swan Technologies

"Whether you are brand new to the concept of tabletops or a seasoned professional, this book empowers both individuals and teams to learn and improve on the planning, development and facilitation of these critical cyber exercises. Tabletop Exercises leads readers right from the design stage through to delivery, feedback gathering and even gaining organisational buy-in, with a variety of fabulous example scenarios and injects that many teams could simply pick up and run with! This should be on the bookshelf of any cyber professional who takes their tabletops seriously."
—Rebecca Taylor, Threat Intelligence Knowledge Manager @ Secureworks