Tabletop Exercises (TTX)

At CIS, we believe everyone deserves a secure online experience. We recognize that security is a shared responsibility between users, administrators, and technical professionals. The Business Resiliency Working Group have developed these tabletop exercises to help cybersecurity teams develop tactical strategies for securing their systems. This group of volunteers focuses on the processes, tools, and best practices related to public sector business continuity and recovery—not only of technology assets, but also recovery of the entire organization, including people, locations, and communications.

How to Use These Tabletop Exercises

Tabletop exercises are meant to help organizations consider different risk scenarios and prepare for potential cyber threats. All of the exercises can be completed in as little as 15 minutes, making them a convenient tool for putting your team in the cybersecurity mindset. In addition, each scenario will list the processes that are tested, threat actors that are identified, and the assets that are impacted.

Tips and Tricks

  • Designate a single individual to facilitate the exercise.
  • Break the scenario into meaningful learning points.
  • Read the scenario aloud to the group and ensure their understanding.
  • Facilitate a conversation about how your organization would handle the scenario, focusing on key learning points as you discuss.
  • Include applicable members of other business units.
  • Use the After Action Report to follow up on any gaps identified during the exercise.

Download a TTX

Who Can Participate in the Business Resiliency Working Group?

Any MS-ISAC or EI-ISAC member from any state, local, tribal, or territorial government.

How Do I Join the Business Resiliency Working Group?

Complete the registration form and a member of our team will get in touch with you soon. To ask a question, contact [email protected].

Share your expertise by joining one of our Working Groups today!