CypherCon 2024

Cyber Crisis Craft: Designing Effective Tabletop Scenarios

Thomas Freeman & Kenneth R. Squires

Abstract:

Attendees will learn the art of building realistic and challenging cybersecurity tabletop exercises to strengthen their organizations’ incident response capabilities. This talk will explore the methodology behind creating tailored scenarios that simulate high-pressure cyber crises, encouraging participants to think critically and react efficiently.

Importance: Attendees will gain valuable insights into the essential elements of a successful tabletop exercise, including scenario development, role assignment, and after-action reviews. The session aims to empower IT professionals with the confidence to develop exercises that not only test but also enhance their teams’ preparedness for real-world cyber threats.

Thomas Freeman & Kenneth R. Squires

Nobody ever says table bottom scenarios…

Kenneth R. Squires, CDPSE, CISA, CISSP, CRISC, HCISPP, NSA IAM

Kenneth brings over 25 years of experience in risk management and cybersecurity to his current role at Sikich. His strong technical abilities, leadership skills and success in the private sector are products of his extensive experience in the financial services industry along with his tenure in the U.S. Marine Corps. Ken focuses on strategic executive-level cybersecurity governance and program management. His military service as a COMSEC Administrator provided him a solid foundation in network security and information systems, which he adeptly translates into his career today.

 

Thomas Freeman, CISSP, CISA, CISM, GPEN, GCIH, GCIA, GCWN

Thomas is a Director leading the Sikich offensive services including the penetration testing and forensic incident response teams. He has spent more than 25 years providing IT leadership, and his consulting expertise helps companies understand and build best-practice information security programs. In his engagements, Thomas taps into his education background to provide clients insight that they can use to strengthen their security posture and culture. Thomas is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and Certified Information Security Manager (CISM), and holds Global Information Assurance Certifications (GIAC), including as a GIAC Penetration Tester (GPEN), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA) and GIAC Certified Windows System Administrator (GCWN). He is also a member of ISACA and FBI InfraGard.