ISTTXICInnovator ClassIC-ISTTX1.0<p>Upon completion of the training, participants will be able to:</p> <ul> <li>Translating DORA and NIS2 requirements into training concepts</li><li>Planning and facilitating tabletop exercises in a structured manner</li><li>develop realistic crisis scenarios (e.g., ransomware, third-party failure)</li><li>To evaluate decision-making processes and responsiveness</li><li>Identify vulnerabilities and develop countermeasures</li><li>to establish a sustainable TTX program within the company</li></ul><ul> <li>CISO / Information Security Officer</li><li>IT Managers and Security Officers</li><li>BCM and Risk Manager</li><li>Compliance and Audit Officers</li><li>SOC employees</li><li>Security Incident Manager</li><li>Security consultants and IT service providers</li></ul><h4>Day 1 &ndash; Fundamentals &amp; Design of Tabletop Exercises</h4><h5>Module 1: Regulatory Context (DORA &amp; NIS2)</h5><ul> <li>Overview of Resilience Testing Requirements</li><li>Incident Response &amp; Crisis Management in a Regulatory Context</li><li>Expectations of Regulators and Auditors</li><li>Common vulnerabilities encountered in practice</li></ul><h5>Module 2: Fundamentals of Tabletop Exercises</h5><ul> <li>Distinction from penetration testing and red teaming</li><li>Objectives and Benefits of TTX</li><li>Roles and Responsibilities (Management, IT, Legal, Communications)</li></ul><h5>Module 3: Designing a TTX</h5><ul> <li>Development of realistic scenarios</li><li>Building an Inject Structure (Escalation and Dynamics)</li><li>Defining exercise objectives and KPIs</li><li>Development of a training manual</li></ul><h5>Practical exercise</h5><ul> <li>Developing your own scenario in groups</li></ul><h4>Day 2 &ndash; Implementation, Evaluation, and Operationalization</h4><h5>Module 4: Conducting a Tabletop Exercise</h5><ul> <li>Live simulation of a realistic scenario (e.g., a ransomware attack involving a third-party outage)</li><li>Role-based implementation (Management, IT, Communications)</li><li>Facilitation techniques and managing the exercise</li></ul><h5>Module 5: Evaluation &amp; Lessons Learned</h5><ul> <li>Structured debriefing (Hot Wash / Debriefing)</li><li>Identification of vulnerabilities</li><li>Assessment of Responsiveness</li><li>Documentation of the results</li></ul><h5>Module 6: Mapping to DORA &amp; NIS2</h5><ul> <li>Identification of Regulatory Gaps</li><li>Prioritization of measures</li><li>Preparing for Audits and Inspections</li></ul><h5>Module 7: Establishing a TTX Program</h5><ul> <li>Integration into ISMS and BCM</li><li>Developing a regular exercise routine</li><li>Definition of Key Performance Indicators</li><li>Scaling within the company</li></ul>Upon completion of the training, participants will be able to: - Translating DORA and NIS2 requirements into training concepts - Planning and facilitating tabletop exercises in a structured manner - develop realistic crisis scenarios (e.g., ransomware, third-party failure) - To evaluate decision-making processes and responsiveness - Identify vulnerabilities and develop countermeasures - to establish a sustainable TTX program within the company- CISO / Information Security Officer - IT Managers and Security Officers - BCM and Risk Manager - Compliance and Audit Officers - SOC employees - Security Incident Manager - Security consultants and IT service providersDay 1 – Fundamentals & Design of Tabletop Exercises Module 1: Regulatory Context (DORA & NIS2) - Overview of Resilience Testing Requirements - Incident Response & Crisis Management in a Regulatory Context - Expectations of Regulators and Auditors - Common vulnerabilities encountered in practice Module 2: Fundamentals of Tabletop Exercises - Distinction from penetration testing and red teaming - Objectives and Benefits of TTX - Roles and Responsibilities (Management, IT, Legal, Communications) Module 3: Designing a TTX - Development of realistic scenarios - Building an Inject Structure (Escalation and Dynamics) - Defining exercise objectives and KPIs - Development of a training manual Practical exercise - Developing your own scenario in groups Day 2 – Implementation, Evaluation, and Operationalization Module 4: Conducting a Tabletop Exercise - Live simulation of a realistic scenario (e.g., a ransomware attack involving a third-party outage) - Role-based implementation (Management, IT, Communications) - Facilitation techniques and managing the exercise Module 5: Evaluation & Lessons Learned - Structured debriefing (Hot Wash / Debriefing) - Identification of vulnerabilities - Assessment of Responsiveness - Documentation of the results Module 6: Mapping to DORA & NIS2 - Identification of Regulatory Gaps - Prioritization of measures - Preparing for Audits and Inspections Module 7: Establishing a TTX Program - Integration into ISMS and BCM - Developing a regular exercise routine - Definition of Key Performance Indicators - Scaling within the company2 jours1390.001390.001390.001390.001390.00