We no longer support this browser. Using a supported browser will provide a better experience.

Please update your browser.

Close browser message

Treasury and Payments

Improve your working capital, reduce fraud and minimize the impact of unexpected disruptions with our treasury solutions—from digital portals to integrated payables and receivables—all designed to make your operations smoother and more efficient.

Learn more about our treasury solutions:

Commercial Real Estate

Get the strategic support to be successful throughout market and real estate cycles with insights, hands-on service, comprehensive financial solutions and unrivaled certainty of execution.

Learn more about our commercial real estate solutions:

International Banking

Global opportunities mean global challenges. But real success means understanding the local markets you serve—which is why we bring the business solutions, insights and market perspective you need. 

Learn more about our international banking solutions:

Cybersecurity and Fraud Protection

How tabletop exercises can improve incident response

An introduction to tabletop exercises and how organizations can begin practicing for cyber preparedness.

An introduction to tabletop exercises and how organizations can begin practicing for cyber preparedness.

The cyberthreat landscape is constantly evolving, with a mix of advanced nation-state actors and cybercriminals targeting organizations of all industries and sizes. While their intentions and motivations may differ, many of their methods of attack are similar and well-publicized: social engineering, phishing, business email compromise and ransomware, to name a few of the most common vectors.

In fact, according to the FBI’s Internet Crime Complaint Center (IC3), there were 3,729 complaints identified as ransomware in 2021, resulting in adjusted losses of more than $49.2 million. These tactics continued to develop throughout the last year, demonstrating an increased threat to organizations globally—and the need for companies to keep pace with the evolving threat landscape.

That’s where cybersecurity tabletop simulations come in.

A tabletop simulation is a scenario-based discussion that’s meant to simulate the various stages of an attack. These cybersecurity exercises can play a vital role in organizational preparedness by increasing awareness of cyberthreats, validating response plans and procedures, and identifying capability gaps within an organization.

“These incident response simulations are a cost-effective method that can provide a lot of value to an organization,” said Adam Bulava, Global Head of Attack Simulation for JPMorgan Chase. Simulations bring together all the relevant stakeholders from information technology and cybersecurity to human resources, media relations, sales, and other middle- and back-office staff—people that don’t interact much under normal circumstances.


Getting started

A well-designed tabletop simulation can provide a low-risk environment to familiarize key personnel with roles and responsibilities, stress test plans and foster collaboration across core functional areas of an organization.

Begin by forming a simulation planning team within your organization that will be responsible for the design, execution and evaluation of the tabletop. This team should meet regularly to determine exercise objectives, create a realistic scenario, develop supporting documentation, identify participants, manage logistics and synthesize findings for documentation in a formal after-action report (AAR).

Organizations that are new to these simulations can leverage pre-made templates and guides to help ease into the process. A guide with additional resources for small and midsize businesses is available through the Cybersecurity and Infrastructure Security Agency

Business Resiliency Healthcare Energy Government Cybersecurity and Fraud Protection

Get in Touch

Prefer to talk directly to one of our experts?