One of the most effective ways an organization can prepare for cybersecurity incidents and test out their response processes are 'tabletop exercises,' commonly used to discuss various actions in a hypothetical emergency. Veteran security consultants Robert Lelewski and John Hollenberger have run hundreds of such exercises, and they've now boiled down their vast experience planning these mission-critical events into the Tabletop Exercises handbook. Designed to take you from start to finish, the book's chapters are arranged linearly - from management's initial request to after-action review activities - empowering you to understand each and every necessary step for ensuring your tabletop is a true success. You'll see how to design a scenario that properly evaluates your team's existing controls, pinpoints your weaknesses, and encourages collaboration. You'll also examine the logistics of planning the event itself, develop effective facilitation skills, and explore ways of making process changes based on the tabletop's outcomes. Along the way, you'll learn: who to invite to your tabletop event, and why; preparatory steps, like getting an executive sponsor and forming a development team; how to properly create a realistic tabletop exercise scenario; facilitation strategies, such as audience interaction and managing the discussion. This essential soup-to-nuts resource also includes example scenarios geared at varying audiences at different levels - including infosec analysts, tech team members, non-technical employees, and executives - that you can easily adapt for your own organization depending on the goals of your tabletop.