Cyber Resilience: Incident Response Tabletop Exercises
Plan. Prepare. Protect.
Every day, companies face a barrage of attacks from cybercriminals looking to gain access to IT systems to steal sensitive data and do harm. To be ready, it is critical to have a robust incident response plan that can be deployed against cyber threats when they arise
ArmorText and the international law firm of Crowell & Moring LLP are pleased to offer a collection of innovative guides, that provide realistic simulations of current cyberattacks and include content addressing regulatory compliance in the wake of an attack. Written for C-suite executives, in-house counsel, and incident response teams, the collection is a robust resource for leaders as they help their organizations mitigate cyber threats and strengthen their incident response capabilities.
Q2 2024: What will I find inside?
Our latest publication offers two new scenarios that incorporate three recent trends: threat actors targeting key executive communications, social engineering attacks incorporating AI, and additional scrutiny from global regulators, shareholders, and other key stakeholders on how victims’ management teams handle and communicate about incidents.
- Rapid Exploitation: Escalating attacks involving social engineering, unauthorized software installations, high-value data exfiltration, reputational damage, compromised communications, and targeted reconnaissance of security professionals' enterprise communications.
- Disclosure Dialogues: Preparing for responsible disclosure of cybersecurity incidents with material impact in light of increased scrutiny from regulators, shareholders, and other key stakeholders on how companies and their management teams respond to and communicate about cybersecurity incidents.
2023: What will I find inside?
Cyber Incident Response: Tabletop Exercises 2023 outlines three cybersecurity scenarios modeled after real-world events and provides facilitators a sophisticated toolkit to lead their teams through all aspects of their tabletop exercises, including incident response, business continuity concerns, and post-incident obligations. Scenarios include:
- When disaster strikes: When a ransomware attack occurs and a demand is coming.
- Staying alive: When the threat actor accesses privileged credentials and still may be in company systems.
- Rogue executive: Preventing the loss of sensitive information upon an executive’s public departure.
Using Signal or WhatsApp for Incident Response? Here's a Checklist of Out-of-Band Compliance and Security Considerations
For those concerned by reports of increased attention by North American and European regulatory bodies around the use of ephemeral messengers that may not meet business records retention requirements, ArmorText has prepared a conversation starter exploring policies, procedures, and compensating technologies to consider when leveraging consumer encrypted messaging platforms (e.g., Signal and WhatsApp) or other consumer-focused applications in the enterprise.
This checklist is not legal guidance, but rather provides a starting point for discussion around:
- Onboarding / Offboarding
- Collection / Reconstruction of Audit Trails
- Remediation / Risk Reduction
- Policy Enforcement
- Federation Governance / Participant Management
We recommend seeking the advice of counsel to help assess which of these you may want to consider addressing and which may not be relevant to you at this time.
Learn more about how to use this guide from the authors
Join our webinar, “Cyber Resilience: Conducting an Incident Response Tabletop Exercise,” that will explore how use the guide’s modules and injects and run a tabletop dynamically on Tuesday, Nov. 7, 2023 at 1 pm ET. The webinar will walk executives through facilitating a tabletop exercise, step by step, and provide practical insights along the way.
ArmorText is a leading provider of Secure Out of Band Collaboration™ solutions, trusted by banking, healthcare, oil & gas, manufacturing, governments, and other critical infrastructure entities around the world. ArmorText’s secure collaboration platform protects day-to-day security operations, incident response, and the exchange of threat intelligence for sector-wide collective defense.
According to The Forrester Wave™: Secure Communications, Q3 2022, “ArmorText excels at enabling out of band communications… [and] is a great fit for security operations, incident response communications and collaboration, as well as multi-organization threat intelligence sharing.”
Crowell & Moring LLP is an international law firm with offices in the United States, Europe, MENA, and Asia. Drawing on significant government, business, industry and legal experience, the firm helps clients capitalize on opportunities and provides creative solutions to complex litigation and arbitration, regulatory and policy, and corporate and transactional issues. The firm is consistently recognized for its commitment to pro bono service as well as its programs and initiatives to advance diversity, equity, and inclusion.