Cybersecurity Tabletop Exercises

by Robert Lelewski, John Hollenberger

Book Details

Book Title: Cybersecurity Tabletop Exercises
Author: Robert Lelewski, John Hollenberger
Publisher: No Starch Press
Publication Date: 2024
ISBN: 9781718503823
Number of Pages: 383
Language: English
Format: PDF
File Size: 6.2MB
Subject: Cybersecurity

Table of Contents

  • Praise for Cybersecurity Tabletop Exercises
  • Title Page
  • Copyright
  • Dedication
  • About the Authors and Technical Reviewer
  • Acknowledgments
  • Introduction
  • Part I: The Tabletop Exercise Process
    • 1. Why Perform Tabletop Exercises?
      • Reasons to Conduct a Tabletop Exercise
      • Advantages of Tabletops over Other Security Exercises
      • What Tabletop Exercises Can Test
      • Summary
      • Questions
    • 2. Planning the Tabletop Exercise
      • Securing Executive Sponsor Support
      • Defining the Exercise’s Goals and Objectives
      • Senior-Level vs. Operational-Level Exercises
      • Determining Who Should Participate
      • Logistical Considerations
      • Notifying and Preparing Exercise Attendees
      • Scenario Confidentiality
      • Opposition from Invitees
      • Outsourcing Tabletop Exercises
      • Summary
      • Questions
    • 3. The Development Process: Where the Rubber Meets the Road
      • Choosing a Topic
      • Developing the Scenario
      • Introducing Injects
      • Designing the Exercise Storyboard
      • Considering the Scenario Escalation Pace
      • Crafting Your Ground Truth Document
      • Creating the Presentation Deck
      • Inviting Feedback
      • Summary
      • Questions
    • 4. Facilitating a Successful Tabletop Exercise
      • The Facilitator’s Role
      • Tabletop Management Tasks
      • Exercise Tools and Tactics
      • Making the Most of the Exercise Space
      • Communication Tips
      • Summary
      • Questions
    • 5. Acting on What You’ve Learned: Evaluation and Next Steps
      • Evaluation Requirements and Restrictions
      • Choosing an Evaluator
      • Evaluation Methods
      • Reporting Conventions
      • Follow-up Activities
      • Summary
      • Questions
  • Part II: Example Scenarios
    • 6. Engaging a Technical Audience
      • A Widespread Phishing Campaign
      • Ransomware Affecting File Servers (the Technical Version)
      • A Malware Outbreak via a Zero-Day Vulnerability
      • A Supply Chain Compromise
    • 7. Engaging an Executive Audience
      • Ransomware Affecting File Servers (the Senior-Level Version)
      • A Dark Web Data Discovery
      • A Distributed Denial-of-Service Attack
    • 8. Engaging the Business
      • A Physical Security Breach
      • A Social Media Compromise
      • An Insider Threat
  • Appendix: Reporting Templates
  • Index