Introduction to the guide
This publication seeks to provide guidance in designing, developing and evaluating how and when to conduct a tabletop exercise as a tool to improve an organization’s cyber security policymaking and operations capacities. As indicated in the graphic below, this document is the first of a series of deliverables that will assist practitioners in identifying areas that would benefit from TTXs, as well as designing and implementing them in a way that increases cyber security capabilities.
This guidebook is mainly aimed for:
o Cyber policymakers in governments,
o Cyber security preparedness and response organizations,
o Critical infrastructure owners and operators,
o Governmental and ministerial institutions (e.g., NCSCs) focused on implementing,
national cyber security programs via policy or regulation,
o Technical community and other cyber security practitioners.
The guide aims to offer a public-private cross organizational scope. Therefore, this guide is not written from a strictly business point of view, but rather provides a macro-level approach to achieving cybersecurity resilience through TTXs. This way, organizations ranging from those which are part of critical infrastructure to others such as SMEs can make use and benefit from this guidebook.
The overall goal of the guide is to provide practical considerations to bridge the gap between technical operations and administration/politics in understanding the benefits of undertaking TTXs at all national and organizational levels and increase the knowledge of the personnel responsible for organizing TTXs so that they achieve their capacity building objectives.
This guide is part 1 of a three-deliverable package:
Introduction to table-top exercises (TTXs)
This chapter discusses the definition of a tabletop exercise (TTX) and why it is important to develop and perform a tabletop exercise. This is accompanied by an explanation of the potential goals of TTXs and the likely target groups for tabletop exercises.
Note: These are not all-inclusive exercise goals or potential target groups. Over time, scoping may differ due to rapid technological and socio-political developments, which will bring new needs and components into the cyber sphere. This will require a reflection into existing capabilities and may lead to additional characteristics into TTXs features.