Incident Table Top Exercise
An Incident Tabletop Exercise (TTX) is a guided workshop that stress-tests your incident response plan, decision-making, and communication to reduce improvising during an incident
Practice a realistic incident scenario with decision makers.
Confirm roles, escalation paths, and communication steps across IT and leadership.
Leave with a prioritized action plan to close gaps and improve response speed.
Let’s run an Incident Tabletop Exercise for your team.
Three big “tells” that you need an Incident Tabletop Exercise…
You have an incident response plan, but nobody’s tested it end-to-end with the actual stakeholders.
In a real incident, you’re not sure who decides what—especially around shutdowns, customer impact, or public communication.
You’ve had a close call (phishing, vendor incident, suspicious access) and realized response would be chaotic if it escalated.
If this feels familiar, you’re not alone—and you can get it under control.
You want a repeatable way to rehearse incidents so response feels controlled, not frantic.
You want clear roles and decision paths for IT, leadership, Legal, HR, and Communications.
You want a real list of improvements after the exercise—what to fix first, who owns it, and what “done” looks like.
Here’s how Asher Security approaches an Incident Table-Top Exercise
Here’s how we’re going to strengthen your cybersecurity, minimize your risks, and save you time, money, and energy in 4 simple steps.
PHASE 1: DISCOVER
UNDERSTAND BUSINESS
Map critical workflows and dependencies (people, systems, data), so everyone understands what “business impact” actually looks like during an incident.
UNCOVER THREATS
Identify the most likely incident types and attack paths for your environment, so the tabletop reflects real-world threats—not theory.
SCOPE RISKS
Define what’s in-scope for the exercise—systems, teams, vendors, and impact areas—so the scenario tests what matters most to your business.
PHASE 2: CUSTOMIZE
PLAN EXERCISES
Build the scenario, timeline, and decision points (“injects”), then confirm participants and pre-read materials so the session runs smoothly.
ANALYZE EXISTING PLAN
Review your current incident response plan and workflows to spot gaps, unclear handoffs, missing contacts, and places where decisions could stall.
ALIGN ROLES & RESPONSIBILITIES
Clarify who owns what during an incident—technical actions, executive decisions, legal/compliance input, communications, and escalation paths.
PHASE 3: EXECUTE
CONDUCT WORKSHOP
Facilitate the tabletop session and guide the team through a realistic incident scenario, prompting the decisions and coordination that would be required in real time.
IDENTIFY OPPORTUNITIES
Capture what worked and what didn’t—bottlenecks, confusion, tooling gaps, and communication breakdowns—then prioritize improvements.
POST INCIDENT PLAN
Deliver a clear set of follow-up tasks and recommendations, including owners and priorities, so the exercise turns into measurable readiness improvements.
Hi, I’m Tony Asher, and I’m here to help.
Certified ISSP (Information Systems Security Professional) and CEO of Asher Security with over 20 years of experience in cybersecurity.
I help businesses skyrocket their security efforts and keep their organization’s data safe so they can continue to focus on the core of their business.
In my two decades of cybersecurity experience, I’ve worked with leading retail, defense, and financial companies, as well as some acclaimed organizations such as Piper Jaffray and Target Corp.
While working in these companies, I had access to threat intelligence, breach reports, and integrated security solutions that helped me realized that local businesses are leaving behind a massive amount of valuable, confidential data out in the open for malicious hackers and competitors to take advantage of.
To help them fill the gaps in their security, implement a proactive cybersecurity process, and make sure their confidential data is indeed confidential, I created Asher Security.
Today, I’m here to help you do the same. Sign up for your free, no-obligation consultation with me and let’s bring clarity into your cybersecurity situation and how it can be improved.
Here’s why people keep choosing Asher Security.
I would highly recommend engaging with Asher Security.
“We brought him in late Sept of last year to help build a Cyber program and help lead the efforts that surround it. He’s been a terrific resource for IT and the company and has brought structure and visibility.”
Director of Technology – Healthcare company
Helped solve a problem
Tony is wonderful. As a small nonprofit we were experiencing some difficult security issues and he was a huge help. He is thoughtful, careful and honest. We really trusted him and he helped solve a problem! I would highly recommend him
Sue Abderholden, NAMI Minnesota
The best guarantee is one you don’t need. But you get one anyway.
– Your organization’s data will be safe.
You can sleep blissfully and throw off this burden knowing your organization’s security was in the right hands. Through implementing the right security solutions, running constant tests, and reporting the results, we’ll keep proving to you that you’ve made the right choice on your approach to cybersecurity.
– You’ll save time, money, and energy.
The goal of a vCISO service is to help you increase your security, give you clarity on security processes, and save you a ton of money by decreasing your risk in the short and long-term. This way, you can focus on the parts of your business you truly enjoy and not have to worry about any threats to your security.
– You’ll work with a disciplined, perceptive strategist.
When it comes to cybersecurity, you can’t afford to just throw bills at some “expert” and trust that they’ll do a good job. You need someone who is constantly learning, reporting, updating you, and running continuous tests to make sure that you and your organization’s data are safe. You need Asher Security.
Reach out. Set up a no-obligation meeting. Meet your virtual CISO
Note: How we use your data:
* We’ll contact you to arrange our meeting.
* We’ll keep you posted on free resources and information.