Shane Bell
[McGrathNicol]
Shane has more than 18 years experience managing technology and information risk in business, with a particular focus on cybersecurity, digital forensics, data and information governance, eDiscovery and technology-led investigations.

With a background in active military service, Shane is highly trained in management and leadership in stressful situations. He works with boards, executive teams and business leaders, helping them proactively and reactively manage technology and information risk in their business. Whether their ecosystems, technology supply chains or strategic objectives change, or if they are required to respond to urgent or unplanned matters, Shane provides expert advice to help businesses manage risk and solve problems.

Shane is highly regarded in his field and has presented evidence in Court in relation to disputes or potential disputes between both domestic and international parties, particularly where technology-related aspects require clarification.

Tutorial: Conducting Cyber Tabletops – A Practical Guide on How to Develop a Scenario Exercise

A consistent industry theme is that organisations of all shapes and sizes should conduct cyber table top exercises.

By working through breach scenarios organisations can improve their ability to respond to a real cyber threat. Despite proven benefits few Australian organisations have the confidence to perform scenario tabletops.

This often stems from difficulty in understanding how a cyber scenario should be developed, and how effective tabletop exercises are delivered.

There is no one size fits all approach for workshops however common key principles exist. The purpose of this tutorial is to provide audience members with an overview of the steps involved in preparing for and delivering cyber tabletop exercises, and strategies to maximise the benefit of a scenario workshops.

Some of the issues this session will explore include:

a) Preparation that should be undertaken prior to developing a tabletop workshop such as incident response plan development, IR team identification, accountability assessments, threat identification and gaps analysis resilience;
b) Identifying the individuals within the organisation and any third parties that should be involved in the cyber risk scenario;
c) The factual investigations that should be performed to help develop an appropriate cyber risk scenario, including how to identify industry specific risks, incorporating legal and regulatory items, and leveraging available information on breach costs and reputational harm example;
d) How a tabletop should be customised to the organisation’s incident response process and what critical thinking issues the scenario should raise for participants;
e) Options for delivering the workshop scenario including event structure, formulating what information to provide to participants, developing evolving scenario elements and facilitating discussion items; and
f) How to incorporate information and lessons learned from a tabletop to improve the organisation’s resilience and ability to respond to an event.

Spaces Selling Fast!