Scribd Logo
Upload

Welcome to Scribd!

  • CMA CCTE Checklist 1903 PDF

    Uploaded by

    MK
    81 views5 pages

    Original Title

    CMA-CCTE-Checklist-1903.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    81 views5 pages

    CMA CCTE Checklist 1903 PDF

    Uploaded by

    MK

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    Cyber Crisis Tabletop Exercise

    (CCTE) Checklist
    About Cyber Management Alliance
    Established in 2015, Cyber Management Alliance Ltd is one of the world’s leading cyber incident & crisis management service
    providers offering advisory, executive training and bespoke workshops in all aspects of cyber crisis management, incident
    planning, incident response testing and tabletop exercises.

    Cyber Management Alliance (CM-Alliance) is also the creator of the internationally-acclaimed NCSC-Certified, Cyber Incident
    Planning and Response (CIPR) course.

    Previous attendees of the NCSC-Certified CIPR course and tabletop exercises include organisations including the United
    Nations, UK Ministry of Defence, several UK Police Forces, NHS Trusts, European Central Bank, Swiss National Bank, Microsoft,
    Ernst and Young, BNP Paribas and many others.

    Services & Training Summary


    At CM-Alliance, we believe that practice makes perfect when it comes to cyber crisis management. As part of our Cyber
    Incident & Crisis Management training and workshops we offer:

    n Incident Planning & Response: This training is certified by the UK Government’s NCSC and is titled Cyber Incident Planning
    & Response. This certified course is highly interactive and covers the various tactical and strategic elements of planning
    for a cyber-attack. The Building & Optimising Incident Response Playbooks workshop focuses on creating and optimising
    incident response playbooks.

    n Crisis Management Tabletop exercises: Our Cyber Crisis Tabletop Exercises (CCTE) are verbally simulated, business-
    impacting, cyber-crisis scenario sessions where attendees discuss and review their actions and decisions.

    n Trusted Advisory: Also referred to as vCISO (Virtual Chief Information Security Officer) our service is cost-effective and
    commercially viable to organisations of all sizes and covers cybersecurity, privacy, audits and assessments.

    TRUSTED ADVISORY & RETAINER SERVICES


    Cyber Incident & Crisis Management (CICM)
    GAP Assessments & Audit

    Incident & Response Planning Crisis Management


    Crisis Retainer Services

    Regulatory &
    UK Government, Audit Track
    GCHQ-Certified Building & Optimising
    Cyber Crisis Tabletop
    Cyber Incident Incident Response
    Exercise (CCTE)
    Planning & Response Playbooks Playbooks
    (CIPR) Track

    Bespoke Planning & Playbook Workshops Executive Briefing and Awareness Sessions

    Specialist Community Gatherings: Wisdom of Crowds


    © 2020 Cyber Management Alliance Ltd

    2
    Cyber Crisis Tabletop Exercise
    (CCTE) Checklist
    What to do Check
    The only way you can determine if your incident response plans will work during a real crisis is to test them
    in a structured and safe way.
    To find out about how we support organisations with running cyber incident response workshops,
    please visit cm-alliance.com email us at info@cm-alliance.com or phone us on +44 (0) 203 189 1422.

    Type of Exercise
    n Determine type of exercise: c
    n Tabletop: Paper-driven, verbally and visually simulated, with injects c
    (Highly cost-effective, safe, and easy to execute)
    n Hybrid: A mix of paper-driven with mix of real injects c
    (eg: real phishing email is delivered into inbox)
    n Full Live: Full on with all real injects (example: real email, custom malware etc.) c
    (cost prohibitive and difficult to execute)

    What to do Check
    Participants
    n Identify participants for the tabletop exercise: c
    n From all key departments c

    n Communicate regularly c

    n Clearly structured communications c

    n Clear notes in calendar invitation c

    What to do Check
    Pre-Exercise Collateral
    n Create pre-exercise presentation for participants and include: c
    n Ground rules c
    n High level scenario c
    n Expectations during the scenario c
    n Commitment to attend c

    n If possible present to them rather than distribute the document c

    Continued...

    3
    CCTE Checklist (cont)

    What to do Check
    Scenario
    n Design realistic cyber-attack scenario: c
    n Must be organisation specific c
    n Have a significant impact on the business c
    n Include critical assets c
    n Realistic threat actors c

    What to do Check
    Observers
    n Identify the observer(s) c

    n Ensure they are skilled c

    n Describe their role c

    n Seek formal commitment c

    n Sign confidentiality agreement (if necessary) c

    What to do Check
    Formal Report
    n Demand formal report with assessment c

    n Report must identify gaps and recommendations c

    n Formal maturity scoring to monitor improvements c

    4
    info@cm-alliance.com https://cm-alliance.com +44 203 189 1422 @cm_alliance

    You might also like