Tailoring Tabletop Exercises for your Entire Organization

Speakers: Michael McGuire, Godrick Egbe Tambe, Sacha Evans

This case study is a look at how we have run Tabletop exercises at the Nova Scotia Community College for audiences at various levels [executive, system administration, tier 1/2 support, and general staff], how we decide when to leverage external vendors or run them internally, ways to drive participant engagement, how to determine the key take aways for your exercises, and ways to show all participants how cybersecurity needs to be ingrained in their business practices no matter their role in the organization.

We will break down 4 very different exercises for 4 very different audiences that all used a shared scenario, what we learned from each, how we shaped the exercise for the different roles and technical knowledge for each group, our take aways form each exercise, and where we are going with Tabletops in the future.

Learning Objectives:

By the end of this session, participants will:

  • Understand what a Tabletop exercise is, and why an organization may want to add them to their cybersecurity practice
  • Learn how we decided where to use an external cybersecurity vendor or run an exercise internally
  • Learn how to encourage engagement across the audiences
  • Learn tips and tricks for getting the most out of an exercise

Speaker Bios:

Mike McGuire has over two decades of experience in IT, starting his career working as a tech in a mom and pop computer store, briefly worked as a developer for a defense contractor, supported hundreds of businesses across central Nova Scotia for an IT service company, was a campus technician supporting teaching and learning and now manages the Cybersecurity and Identity teams at the NSCC.

Sacha Evans is a senior cybersecurity analyst with 25 years experience in IT at NSCC, 10 years with the Cybersecurity team.

Godrick Egbe is a senior cybersecurity analyst specializing in web applications, network, and Active directory assessments. He helps in the identify and remediate critical vulnerabilities before they can be exploited by attackers.