Giddeon N. Angafor scite author profile

The surge in cyber security breaches including the shortage of skilled cyber incident response (CSIR) professionals and the ever-changing cyber threat landscape is a big concern for the security industry. As a result, training providers are seeking innovative ways to tackle current security challenges. Businesses in public and private sectors recognize the importance of implementing effective cyber security measures, one of which is training their employees. Many are taking active steps to ensure that employees and cyber security incident response teams (CSIRTs) can identify and respond to breaches through state-of-the-art training. There are indications that pioneering training programs like serious games (SGs), including tabletop exercises (TTXs), can play a role in CSIR training. This paper reviewed TTX related SGs literature, analyzed existing CSIR training exercises and reported how TTXs are currently being used in CSIR training. It also discussed why TTXs are increasingly becoming a popular tool for CSIR and emergency response (ER) training, analyzed the strengths and weaknesses of the current research and identified areas for future research. The findings suggest that TTX training improves the awareness, understanding, and preparation levels of CSIRTs. That TTXs enhance their strategic decision-making, enabling CSIRTs to be better prepared when dealing with security incidents. It observed that TTX related training improved the skills and aptitudes of CSIRTs and security operative center personnel. TTXs assist trainees to acquire and demonstrate both technical and nontechnical skills, including soft skills which are essential but often observed to be lacking in new graduates and some experienced technically minded personnel. TTX training augments traditional methods like classroom lectures by providing opportunities for experiential learning and practice-based approaches in dealing with real-life problems. K E Y W O R D S cybersecurity, cybersecurity training, incident response, serious games, tabletop exercises This is an open access article under the terms of the Creative Commons Attribution-NonCommercial-NoDerivs License, which permits use and distribution in any medium, provided the original work is properly cited, the use is non-commercial and no modifications or adaptations are made.

show abstract

Scenario-based incident response training: lessons learnt from conducting an experiential learning virtual incident response tabletop exercise

Angafor

Yevseyeva

Μαγλαράς

2023

ICS

View full text Add to dashboard Cite

Purpose This paper aims to discuss the experiences designing and conducting an experiential learning virtual incident response tabletop exercise (VIRTTX) to review a business's security posture as it adapts to remote working because of the Coronavirus 2019 (COVID-19). The pandemic forced businesses to move operations from offices to remote working. Given that this happened quickly for many, some firms had little time to factor in appropriate cyber-hygiene and incident prevention measures, thereby exposing themselves to vulnerabilities such as phishing and other scams. Design/methodology/approach The exercise was designed and facilitated through Microsoft Teams. The approach used included a literature review and an experiential learning method that used scenario-based, active pedagogical strategies such as case studies, simulations, role-playing and discussion-focused techniques to develop and evaluate processes and procedures used in preventing, detecting, mitigating, responding and recovering from cyber incidents. Findings The exercise highlighted the value of using scenario-based exercises in cyber security training. It elaborated that scenario-based incident response (IR) exercises are beneficial because well-crafted and well-executed exercises raise cyber security awareness among managers and IT professionals. Such activities with integrated operational and decision-making components enable businesses to evaluate IR and disaster recovery (DR) procedures, including communication flows, to improve decision-making at strategic levels and enhance the technical skills of cyber security personnel. Practical implications It maintained that the primary implication for practice is that they enhance security awareness through practical experiential, hands-on exercises such as this VIRTTX. These exercises bring together staff from across a business to evaluate existing IR/DR processes to determine if they are fit for purpose, establish existing gaps and identify strategies to prevent future threats, including during challenging circumstances such as the COVID-19 outbreak. Furthermore, the use of TTXs or TTEs for scenario-based incident response exercises was extremely useful for cyber security practice because well-crafted and well-executed exercises have been found to serve as valuable and effective tools for raising cyber security awareness among senior leadership, managers and IT professionals (Ulmanová, 2020). Originality/value This paper underlines the importance of practical, scenario-based cyber-IR training and reports on the experience of conducting a virtual IR/DR tabletop exercise within a large organisation.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Giddeon N. Angafor

Bridging the Cyber Security Skills Gap: Using Tabletop Exercises to Solve the CSSG Crisis

Game‐based learning: A review of tabletop exercises for cybersecurity incident response training

Scenario-based incident response training: lessons learnt from conducting an experiential learning virtual incident response tabletop exercise

Contact Info

Product

Resources

About