ArmorText and Crowell & Moring release innovative tabletop exercise toolkit
Today, ArmorText, a leading secure out-of-band communications platform, and the international law firm of Crowell & Moring released an innovative guide, Cyber Resilience: Incident Response Tabletop Exercises 2023. Written for C-suite executives, in-house counsel, and incident response teams, the toolkit is a resource for leaders as they help their organizations mitigate cyber threats and strengthen their incident response capabilities.
Cyber Resilience: Incident Response Tabletop Exercises 2023 explains what these exercises are, why they are valuable for organizations to conduct, and outlines three cybersecurity scenarios modeled after real-world events. The guide provides exercise planners and facilitators an innovative toolkit to lead their teams through their tabletop exercises, including topics related to incident response, business continuity concerns, legal risk, and post-incident obligations. Scenario themes include:
- When disaster strikes: A ransomware attack occurs and a demand is coming.
- Staying alive: Threat actors access privileged credentials and may still be in company systems.
- Rogue executive: Potential loss of sensitive information upon an executive’s departure.
ArmorText and Crowell will also host a webinar, “Cyber Resilience: Conducting an Incident Response Tabletop Exercise,” that will explore how to use the guide’s modules and run a tabletop dynamically on Tuesday, Nov. 7, 2023 at 1 pm ET. The webinar will walk executives through facilitating a tabletop exercise, step by step, and provide practical insights along the way.
Navroop Mitter, CEO of ArmorText, said, “There is a glaring disconnect in the cybersecurity world between what companies experience during typical tabletop drills versus the tumult of actual cyber emergencies. We are partnering with Crowell to publish this powerful guide for the public’s use because we believe everyone benefits when organizations strengthen their cybersecurity, and there is no better tool than preparedness.”
The guide also highlights the increased emphasis on the role the C-suite, senior leadership, security personnel, and the board play in overseeing cybersecurity, and, in particular, incident response preparedness. Recent federal and state cybersecurity-focused regulatory changes, as well as new requirements for government contractors, underscore the increasing pressure executives face as they ensure that their organizations’ incident response capabilities are effective and timely, as well as comply with the evolving regulatory landscape. Government agencies, including Department of Defense, Securities and Exchange Commission, Federal Energy Regulatory Commission, New York State Dept. of Financial Services, and Cybersecurity and Infrastructure Security Agency, have all announced new rules or requirements in recent years that have a direct impact on corporate cybersecurity.
Matthew B. Welling, a partner in Crowell’s Privacy & Cybersecurity Group, said, “Tabletops are becoming an increasingly important cyber risk management practice. Our guide is a starting point, and it spotlights not only the importance of technical responders but also the key role of executives, who are under increasing scrutiny to understand their cybersecurity readiness and know how to handle incidents when they arise. The guide also prompts leaders to consider ways they can meet evolving regulatory requirements and protect their assets.”
ArmorText and Crowell have made the guide available to the public because they see the importance of helping organizations plan more effective exercises. ArmorText and Crowell have published the guide’s scenarios under a creative Commons (CC-BY-NC) license, which allows the free use, distribution, and modification of the materials provided, as long as proper attribution is given to ArmorText and Crowell & Moring. The guide is intended to be an adaptable resource that allows exercise planning and facilitation teams to tailor their content to their organizations’ respective needs.
Contributors include: Mitter and Welling, as well as Crowell partner Evan D. Wolff, co-chair of the firm’s Privacy & Cybersecurity Group and a former senior leader at the Department of Homeland Security, as well as Matt Calligan, director of growth markets at ArmorText.
To download Cyber Resilience: Incident Response Tabletop Exercises 2023 and register for the upcoming webinar, visit www.crowell.com/cybertabletop.
About ArmorText
ArmorText is a leading provider of Secure Out of Band Collaboration™ solutions, trusted by banking, healthcare, oil & gas, manufacturing, governments, and other critical infrastructure entities around the world. ArmorText’s secure collaboration platform protects day-to-day security operations, incident response, and the exchange of threat intelligence for sector-wide collective defense. According to The Forrester Wave™: Secure Communications, Q3 2022, “ArmorText excels at enabling out of band communications… [and] is a great fit for security operations, incident response communications and collaboration, as well as multi-organization threat intelligence sharing.”
About Crowell & Moring LLP
Crowell & Moring LLP is an international law firm with offices in the United States, Europe, MENA, and Asia. Drawing on significant government, business, industry and legal experience, the firm helps clients capitalize on opportunities and provides creative solutions to complex litigation and arbitration, regulatory and policy, and corporate and transactional issues. The firm is consistently recognized for its commitment to pro bono service as well as its programs and initiatives to advance diversity, equity, and inclusion.