Theory to Action: Up-Leveling Your TableTop Exercises For Modern Day Threats.

Many security peers and practitioners have often been involved in TableTop Exercises that touch on a myriad of topics and potential scenarios. This has been a time honored practice to keep business units alert and ready to respond.

Often times during my career I have noticed TTX's lacking creativity, real world application to the business and poor engagement by participants. It was simply going through the motions and feeling of feigned readiness across the board.

The world we live in is dangerous, unpredictable and often times sits on a swords edge, with one false rocket launch, political statement or airstrike away from a full scale conflict enveloping the globe. This may seem scary to some, but this opportunity allows us to see real world conflict unfold, impacts to the business and how we can respond to those threats, or better yet, identify our gaps.

Below I touch on a few points on why we as security practitioners need to be up-leveling our TTXs from simple evacuation scenarios, to full fledged conflict events, allowing for creativity and critical thinking to flourish.

1. Risk Identification and Mitigation

Geopolitical events, such as trade wars, sanctions, political instability, or military conflicts, can disrupt global supply chains, affect market conditions, or even endanger physical assets or personnel. By simulating scenarios involving these geopolitical developments, businesses can identify risks before they escalate and put mitigation plans in place. No idea is too granular or too broad. Past conflicts and wars often repeat themselves within history, albeit under a new coat of paint and new dynamic power players, but the thought process remains the same.

For example:

• How might a trade embargo on a country impact the availability of key components or materials?
• What will be the effect of a change in international policy on the company’s operations or market position?
• What would occur for European businesses if a tactical nuclear weapon was used in frontline Europe?

2. Crisis Management and Decision-Making

Geopolitical tensions can quickly lead to crises, whether economic, cyber-related, or physical security incidents. Tabletop exercises help businesses and GSOCs practice crisis management in a controlled but real time environment. Going beyond simply creating scenarios, TableTop managers should feel empowered to create "X" factors or "mutators" within scenarios that are not shared prior, such as Cyber Security personnel on the call are unable to respond for 1 action slide, how does the team respond now? Being able to make decisions and manage crisis gaps beyond what is presented in the scenario creates a critical level of thinking needed to address these real world problems,

Further examples:

• Do you evacuate employees prior to a potential blockade in the South China Sea without creating undo panic?
• What decisions would your business make if NATO was drawn into a broad conflict within the European theater?
• What would further Middle East Conflict and a Failed Peace Resolution do for employees traveling to these regions for critical business?

3. Improved Coordination and Communication

In the event of geopolitical incidents, there is a critical need for cross-functional coordination between departments such as legal, operations, security, IT, and communications. Tabletop exercises simulate these types of crises and help develop clearer communication protocols. Creating difficult choices and creative thinking allows business units to bring new fresh ideas into the scenario which in turn could help create new procedural criteria, lessening the time it takes to involve all members of the team in a unified response.

This is especially relevant for GSOCs, which often have to manage the logistics and communications during a crisis, ensuring the safety of personnel and continuity of operations across multiple regions and task tracking.

4. Cybersecurity Threats and Information Warfare

Geopolitical tensions often lead to an increase in cyberattacks, misinformation campaigns, and information warfare. GSOCs and corporate security teams must be prepared for the possibility that a geopolitical conflict could spill over into the digital space. By running tabletop exercises based on current geopolitical issues, businesses can better anticipate cyber threats, develop cybersecurity strategies, and practice defending their digital assets in real-world scenarios.

For example:

• How would the company respond if a foreign government-backed cyberattack targets their systems during a geopolitical crisis?
• What steps would be taken to protect sensitive data and mitigate reputational damage in the event of an information warfare campaign?
• What would a business do if a traveler with a laptop was stuck in a blockaded location and the laptop is unable to be rendered unusable?

Be Intentional

Tabletop exercises (TTXs) are no longer just a box to check off or a routine practice to maintain a semblance of readiness. As security professionals, it is our responsibility to push the boundaries of traditional TTXs and elevate them to a level that reflects the unpredictable, high-stakes world we live in. The global security landscape is increasingly complex, with geopolitical tensions and crises occurring at a rapid pace, each of which could have direct, far-reaching implications for our organizations. By crafting exercises that simulate these real-world challenges—ranging from geopolitical conflicts to cybersecurity threats—we can not only identify potential vulnerabilities, but also prepare our teams to think critically, act decisively, and respond cohesively under pressure.

It's essential that we move beyond scripted, predictable scenarios and create environments where creative problem-solving, cross-functional collaboration, and adaptability are key to success. When done right, TTXs provide an invaluable opportunity to identify gaps, refine response strategies, and strengthen the resilience of our operations and personnel. In a world that is ever more interconnected and fragile, the ability to respond effectively to crises is not just a matter of best practices, but a necessity for ensuring the safety of our people, the continuity of our business, and the protection of our assets.

As we continue to refine our tabletop exercises, let us embrace the challenges of an uncertain world and use them to cultivate a culture of preparedness that is not only reactive, but proactive—equipping our teams to face the complexities of tomorrow, today.