The Cyber Incident Response Tabletop Exercises are provided by IT Governance’s sister company GRCI Law Limited, a specialist in data privacy, cyber security, and legal and compliance advisory services.
This service is currently being updated. Please contact us for more information.
Our consultant will develop tabletop exercises – bespoke to your organisation – focused on your current cyber incident response capability and your risks and concerns.
The exercises will test and engage staff from across your business to highlight deficiencies, advise on improvements and ensure that everyone knows what to do in the event of an incident.
Download the full service description here
Depending on your organisation’s objective(s), our consultant will provide the following support:
A dedicated consultant will develop and guide the bespoke exercises for management and staff so that you can be confident your organisation can recover from an incident.
Cyber incident response plans should be exercised at least annually to ensure they remain effective. Exercises also help ensure you meet any obligations, such as the PCI DSS (Payment Card Industry Data Security Standard), and the NIS Directive and Regulations (Network and Information Security Directive and Regulations).
At the conclusion of the exercises, our consultant will write a report that describes their observations, highlights gaps and issues encountered, and identifies areas for improvement.
This service is based on a combination of the good-practice cyber incident response framework developed by CREST and the international standard on incident management, ISO/IEC 27035.
Cliff Martin heads the cyber incident response service within GRCI Law.
He began his career teaching computer systems and network technologies in further- and higher-education institutions.
Cliff then worked in the defence industry, where his main areas of expertise were risk management and accreditation, incident management and response, and secure systems architecture and configuration.
His key qualifications include:
Cliff understands the complexity of cyber security incidents and their potential impact on an organisation, its users and/or its customers.