Find & Fill Gaps in Your IR/DR Security Plans
Get backup from our team of security and compliance experts to enable your organization to pass any regulatory obligation.
Tabletops
Conversational Incident and Disaster Simulations
What is a tabletop exercise?
Level up your incident response and disaster recovery plans
A tabletop exercise is a guided walkthrough of incident response and disaster recovery plans. By presenting a theoretical disaster or incident and discussing how your organization would handle it based on its plans, we can quickly start to uncover where there might be shortcomings in your potential response. The end goal is to ensure the proper business units, points of contact, technology, and execution are in place and ready before an incident or disaster occurs.
How can we help?
Speak with one of our incident response experts to get started on improving your IR & DR plans.
CONTACT USHow does FRSecure approach Tabletops?
We start by working with you to gather information about your network setup, any specific scenarios you would like to run through, and what kind of pain level your organization is looking to test. By understanding your network and current events we can provide flexible scenarios aimed at making your entire program better.
Tabletop Steps
Planning
A tabletop engagement with FRSecure begins with understanding what your environment looks like, how problematic you want the theoretical incident to be, and coming up with scenarios to match.
Exercise
The exercise includes a walk through of the plan based on the scenario presented. We set the stage, enact your plan, provide realistic changes to the incident based on your environment and the attack, and then see how you pivot.
Report
On every engagement, we include additional IR team members and analysts to transcribe the conversation. We collectively parse through notes and come up with key components to make improvements on.
Delivery & Recommendations
Once we’ve come up with improvement recommendations, we present the findings to your team so they know where to make changes. This is a great training opportunity for IT outsiders—they’re just as impacted by system downtime.
Disaster Recovery Tabletop
Disaster Recovery Tabletop
Incident Response Tabletop
Incident Response Tabletop
Tabletop FAQ
We keep this exercise conversational and flexible. The benefit is that it doesn’t take us 6 months to come up with a scenario to run through—we’re comfortable adjusting based on what is said/done. Because of this, we can turn these around quite quickly!
We operate on a “pain” scale (or the potential impact a similar event would have on your organization) of 1-10 based on what your organization wants to test. Depending on the scale chosen and intel we’ve gathered about your environment and known vulnerabilities, we then come up with a scenario that fits best.
Most commonly, we see a 7—relatable to a ransomware event.
This is intentionally meant to be something you can do frequently and at little cost. Organizations are often told to do these annually, but we recommend semiannually or quarterly.
While having a plan in place is not necessary to run through one of these engagements, it is highly encouraged. You will still learn how to better handle incidents regardless, but the point is to vet your plan.
The FRSecure Way
Why work with FRSecure?
Expertise
FRSecure has been in business for over 10 years, and our team has more than 300 years of combined experience working in information security and boasts 30 different kinds of certifications. When it comes to understanding how to respond and recover fro incidents and disasters, you have the benefit of experience in your corner.
Mission
Our mission at FRSecure is to fix the broken information security industry. Not only do we help improve IR and DR plans, but we also solve as many weaknesses as we can in your security environment. We are dedicated to making real, lasting, impactful changes to your security program.
Style
Our style isn’t “cookie cutter.” We recognize that each organization is different, and every security program is at a different stage of maturity. We get to know your security program intimately, use assessents to determine what your strengths and weaknesses are, and then apply industry best practices to provide next steps that’ll help you handle incidents should they arise.
Focus
Information security is all we do. We don’t do IT, sell hardware, or provide telco services. We only do security. Because of this, our team can provide unbiased recommendations that will actually make a dramatic impact to the way you do security. We work hard to be a partner—collaborating with and educating your team every step of the way.