In this interview with Truvantis CEO Andy Cottrell, Aaron Wheeler discusses conducting tabletop exercises and how his clients derive value.
What is a Tabletop Exercise?
“It's a chance for clients to stress test environment policies and procedures. In our case, business continuity, and security incident response. But you really can do it for any major policy that you want to see in action. “
How do You Conduct a Tabletop Exercise?
“You sit down and you're presented with a scenario. I develop a scenario based on what they say they should do in a certain situation, present them with that and have them work through it.”
“I present clients with this situation and it gives them a chance to work through ideas, solutions and see where the problems are. It’s a safe environment to stumble, fall and have hiccups. I always think of Dungeons and Dragons. I get to play the Dungeon Master.“
Why Do Your Clients Like Doing Tabletop Exercises?
“It's not life or death for them at that point. They can test things and learn in a safe environment. They go through the process, make changes, make it more efficient, effective and economical.”
“I often tell my clients, Murphy's listening, Tomorrow the unthinkable will happen.
It’s not if you get hacked, it's when you get hacked.”
CISAAaron Wheeler is a Security Consultant at Truvantis and has 10 years of Internal Audit experience. He is dedicated to helping clients understand cybersecurity requirements and architect their environments to support security by design.
Aaron Wheeler is a Security Consultant at Truvantis and has 10 years of Internal Audit experience. He is dedicated to helping clients understand cybersecurity requirements and architect their environments to support security by design.
Listen to the Full Interview
Truvantis is a security, privacy and compliance consulting firm providing best-in-class services to secure your organization's infrastructure, data, operations and products.
At Truvantis, we've built security and privacy programs for organizations, large and small. We specialize in helping our clients improve their business resilience and manage their business risk by implementing testing, auditing and operating information security programs.
Our world-class services include security testing and a wide range of flexible compliance and vCISO programs. Truvantis is also an authorized PCI DSS Qualified Security Assessor (QSA) Company.