Find & Fill Gaps in Your IR/DR Security Plans

Get backup from our team of security and compliance experts to enable your organization to pass any regulatory obligation.


Conversational Incident and Disaster Simulations

What is a tabletop exercise?

Level up your incident response and disaster recovery plans

A tabletop exercise is a guided walkthrough of incident response and disaster recovery plans. By presenting a theoretical disaster or incident and discussing how your organization would handle it based on its plans, we can quickly start to uncover where there might be shortcomings in your potential response. The end goal is to ensure the proper business units, points of contact, technology, and execution are in place and ready before an incident or disaster occurs.

How can we help?

Speak with one of our incident response experts to get started on improving your IR & DR plans.


How does FRSecure approach Tabletops?

We start by working with you to gather information about your network setup, any specific scenarios you would like to run through, and what kind of pain level your organization is looking to test. By understanding your network and current events we can provide flexible scenarios aimed at making your entire program better.

Tabletop Steps



A tabletop engagement with FRSecure begins with understanding what your environment looks like, how problematic you want the theoretical incident to be, and coming up with scenarios to match.



The exercise includes a walk through of the plan based on the scenario presented. We set the stage, enact your plan, provide realistic changes to the incident based on your environment and the attack, and then see how you pivot.



On every engagement, we include additional IR team members and analysts to transcribe the conversation. We collectively parse through notes and come up with key components to make improvements on.


Delivery & Recommendations

Once we’ve come up with improvement recommendations, we present the findings to your team so they know where to make changes. This is a great training opportunity for IT outsiders—they’re just as impacted by system downtime.

Disaster Recovery Tabletop

Disaster Recovery Tabletop

A disaster recovery plan focuses on maintaining system uptime in the face of a natural or human-made disaster.

Incident Response Tabletop

Incident Response Tabletop

An Incident response plan focuses on helping to identify, eliminate, and recover from information security threats.
“Thanks to FRSecure’s detailed understanding of both technical requirements and healthcare regulations, the complex site has maintained impeccable compliance and reliable performance. FRSecure’s responsiveness, customer-focused attitude, and robust audit processes continue to promote stability.”
Trailhead Health

Tabletop FAQ

We keep this exercise conversational and flexible. The benefit is that it doesn’t take us 6 months to come up with a scenario to run through—we’re comfortable adjusting based on what is said/done. Because of this, we can turn these around quite quickly!

We operate on a “pain” scale (or the potential impact a similar event would have on your organization) of 1-10 based on what your organization wants to test. Depending on the scale chosen and intel we’ve gathered about your environment and known vulnerabilities, we then come up with a scenario that fits best. 

Most commonly, we see a 7—relatable to a ransomware event.

This is intentionally meant to be something you can do frequently and at little cost. Organizations are often told to do these annually, but we recommend semiannually or quarterly.

While having a plan in place is not necessary to run through one of these engagements, it is highly encouraged. You will still learn how to better handle incidents regardless, but the point is to vet your plan.

“FRSecure’s recommendations have resulted in a level one PCI certification, which is the highest level of certification a company can achieve. Their highly personalized recommendations and services have resulted in heightened security and continual growth in business.”
Security Administrator
Premier Printing Company

The FRSecure Way

Why work with FRSecure?


FRSecure has been in business for over 10 years, and our team has more than 300 years of combined experience working in information security and boasts 30 different kinds of certifications. When it comes to understanding how to respond and recover fro incidents and disasters, you have the benefit of experience in your corner.


Our mission at FRSecure is to fix the broken information security industry. Not only do we help improve IR and DR plans, but we also solve as many weaknesses as we can in your security environment. We are dedicated to making real, lasting, impactful changes to your security program.


Our style isn’t “cookie cutter.” We recognize that each organization is different, and every security program is at a different stage of maturity. We get to know your security program intimately, use assessents to determine what your strengths and weaknesses are, and then apply industry best practices to provide next steps that’ll help you handle incidents should they arise.


Information security is all we do. We don’t do IT, sell hardware, or provide telco services. We only do security. Because of this, our team can provide unbiased recommendations that will actually make a dramatic impact to the way you do security. We work hard to be a partner—collaborating with and educating your team every step of the way.

We are open for new projects

Looking for a tabletop exercise? Let’s Talk!