New Open Source Cybersecurity Tabletop Exercises

The toolkit offers a resource for organizations solidifying incident response capabilities.

General Cyberattack

ArmorText and the international law firm of Crowell & Moring LLP today released an update to their tabletop exercise guide, making new exercise scenarios publicly available under a Creative Commons license. The new Cyber Resilience: Incident Response Tabletop Exercises Q2 2024 addresses urgent challenges facing executives, including disruptive attacks by increasingly sophisticated criminal actors, as well as increasingly complex regulatory obligations. 

“We are seeing new and extremely sophisticated cyberattacks taking organizations by surprise and costing them millions. Preparedness is the best cybersecurity tool to mitigate the impact of attacks, including the ensuing regulatory obligations,” said Navroop Mitter, CEO, ArmorText.  

With the first edition of the guide published in October 2023, this new publication offers two additional scenarios, each organized into a module with tailored injects and facilitator prompts that incorporate three recent trends: 

  1. Threat actors continue to target key executive communications for surveillance.
  2. Social engineering attacks, including those incorporating AI tools, are being utilized by threat actors, resulting in significant impacts to victim companies.
  3. Global regulators, shareholders, and other key stakeholders continue to focus on how victims’ management teams handle incidents and communicate about them. 

“To help organizations improve their incident response, we have continued making the scenarios free to take and use. Our plan is to continue adding to this collection of modules through future publications to reflect the continuing evolution in the cyberattack landscape,” continued Mitter. 

The two new modules entail:

  • Rapid Exploitation:
    • Escalating attacks involving social engineering, unauthorized software installations, high-value data exfiltration, reputational damage, compromised communications, and targeted reconnaissance of security professionals' enterprise communications. 
    • AI-enabled attacks, particularly where threat actors mimic the voice and visual personas of key individuals.
  • Disclosure Dialogues:
    • Preparing for responsible disclosure of cybersecurity incidents with material impact in light of increased scrutiny from regulators, shareholders, and other key stakeholders on how companies and their management teams respond to and communicate about cybersecurity incidents. 

According to IBM’s Cost of a Data Breach Report 2023, over half of companies who experience a cyberattack bolster spending post-incident with their top investment being Incident Response (IR) planning and testing, and organizations with both an IR team and pre-attack IR testing were able to identify breaches a full 54 days faster than those with neither. 

More in Cybersecurity