All services

OT Tabletop Cyber Crisis Management

Cyber "Fire" drill for OT environments

Cyber-attacks can seriously impact the processes of Operational Technology (OT) and Industrial Control systems (ICS). Being well prepared is essential. A Tabletop Cyber Crisis Management Workshop helps you prepare your response to a cyber-attack. It can also help you perfect your OT Disaster Recovery Plan and Crisis Management Plan.

Are you prepared?

Is your organization prepared for a cyberattack or a large-scale security incident on your OT systems? Ask yourself these questions:

  • Does your team know what to do and how to recover when all Operator Interfaces (HMIs) are unavailable?
  • What is the impact on production or safety?
  • What are everyone's responsibilities?
  • Is external support from the industrial control system (ICS) vendor required?
  • Who are the first points of contact?

You don't want to look for the answer to these questions during an incident. Secura can help you prepare with the OT Tabletop Cyber Crisis Management Workshop. It is a cyber "Fire" drill for OT environments.

Simulation of a severe cyber incident

Are you prepared for a severe cyber incident?

Challenges in OT

As a long established and leading expert in cybersecurity, Secura is aware of the challenges within OT environments. Often the responsibilities are less well defined than in IT departments.

Most organizations lack dedicated OT security specialists. Engineers don’t always have the necessary expertise to deal with complex security issues. This increases the importance of a solid and verified plan.

Especially because cyber incidents in your industrial control systems can directly impact primary business processes and safety of your staff.

That's why we advice you to do an OT Tabletop Cyber Crisis Management Workshop to raise cyber resilience of your organization.

Practicing for disaster

During the OT Tabletop Cyber Crisis Management Workshop, you will practice operational procedures for dealing with high impact cyber incidents, for example a ransomware scenario. Think of this as the cyber equivalent to the annual fire drill.

The goal of the Tabletop is to help you to:

  • Verify and improve your plans for Disaster Recovery and/or Crisis Management.
  • Identify gaps in policies for backup, restoring, security monitoring and disaster recovery.
  • Gain insight into different roles during a crisis.

The scenarios and our approach are based on NIST standard SP 800-84 to effectively prepare and execute cyber incident exercises.

How OT Tabletop Exercise works

OT Tabletop Workshop

How does the Tabletop session work?

Over the course of the exercise, the participants will receive information, simulated reports and challenges that contribute to the scenario. We will take the time to evaluate the steps taken during the simulation.

The participants learn how to act effectively as a team during an incident. This means the exercise also contributes to team building and developing mutual respect.

Tabletop IT - Preparation

Preparation

During preparation, we jointly determine the scope of the exercise. We will collect the documents about the OT environment, such as OT system diagrams, the OT disaster recovery plans and the crisis infrastructure within the organization.

The scenario will be tailored to the specific OT network and organizational structure in scope. Based on the defined goals and content of the exercise we can determine the required participants, like OT, IT, Management, or vendors.

Tabletop IT - Crisis Training

Crisis training

The tabletop begins with an introduction of high impact OT cyber security incidents. Secura gives a presentation about ransomware and the threat it can pose to your organization. The second part of the training focuses on the crisis process and disaster recovery in your organization. We engage participants in an interactive discussion about the current processes within your organization and whether they are up-to- date.

Tabletop IT - Cyber Crisis Exercise

Cyber crisis exercise

The main part of the tabletop is built around a simulated incident in which the participants conduct a crisis consultation. The simulated incident covers everything from initial detection of a small security issue to the full-scale escalation, crisis management and disaster recovery.

Tabletop OT - Evaluation

Evaluation

You will receive a report with observations, lessons learned and recommendations for adjusting the Disaster Recovery and Crisis Management plans.

Disaster Recovery Plan and Crisis Management Plan

The exercise works best if you have a Disaster Recovery Plan (DRP) or a Crisis Management Plan (CMP) in place.

OT Disaster Recovery Plan (DRP)

A Disaster Recovery Plan, or DRP, is a comprehensive plan that covers full recovery of the OT network, including the industrial controllers, SCADA systems and other vital components. Recovery order, system dependencies, required resources and tools, reliable backups, tested procedures and validation processes are all required for a successful and fast recovery.

During the preparation of the OT Tabletop, we check whether this plan exists and is successfully implemented. If you do not have a Disaster Recovery Plan, Secura can provide support to review or create one, based on relevant controls specified in NIST CSF and IEC 62443-2-1 and matched to the current infrastructure.

OT Crisis Management Plan (CMP)

A Crisis Management Plan, or CMP, is all about managing the crisis on a company level, including decision-making and communication. Most organizations have a general plan, but they don’t always cover disasters caused by cyber and/or cyber incidents in OT.

During the Tabletop we will review the existing Crisis Management Plan. If needed, Secura can help you improve or create this plan.

Take action now

Don't wait until disaster strikes. Prepare your organization for severe cyber incidents through our established OT Tabletop Cyber Crisis Management Workshop. Fill out the form below and we will contact you within one business day to help you raise your cyber resilience.

About Secura

Secura is a leading expert in cybersecurity. Our customers range from government and healthcare to finance and industry worldwide. Secura offers technical services, such as vulnerability assessments, penetration testing and red teaming. We also provide certification for IoT and industrial environments, as well as audits, forensic services and awareness training. Our goal is to raise your cyber resilience.

Secura is a Bureau Veritas company. Bureau Veritas (BV) is a publicly listed company specialized in testing, inspection and certification. BV was founded in 1828, has over 80.000 employees and is active in 140 countries. Secura is the cornerstone of the cybersecurity strategy of Bureau Veritas.

Fact sheets

Factsheet OT Tabletop Workshop
OT Tabletop Fact Sheet

Download our fact sheet with details on the OT Tabletop Workshop.

Download fact sheet file_download

Related media

Webinars
Webinar | Raising Cyber Resilience in Offshore Wind
27 Feb, 2023
Secura Contact Shape

Raising Your Cyber Resilience


Discover your best next steps to protect your organization from cyber attacks.

+31 (0) 88 888 31 00 Monday – Friday 9:00-17:00 CET info@secura.com
Secura Contact Us Path Secura Contact Us Shape
Call me back Contact us
Partners of Secura

Cybersecurity is more than technology alone. Secura collaborates with partners in compliance and risk management, integrated application security, privacy, IT- and internet law and certification.

HSD The Hague Security Delta
Cyberveilig Nederland
PECB