Skip to content

Cybersecurity Tabletop Exercise

Validate your team’s incident response capabilities


Responding to a live cyber incident requires cohesion, urgency, and practice.

"Bad days" can happen to any of us. They create confusion, and responding in confusion is tough.
Do you trust that your team will respond appropriately when the heat is on? 

Our Cybersecurity Tabletop Exercise is an engaging, interactive incident simulation that will challenge your responders to make good decisions under pressure.

We offer this service in two formats to suit your needs and participant group: 


Strategic – For managers and executives. We focus on the business side of incident response and test their decision-making abilities. Participants will approve and allocate tactical resources, demonstrate their understanding of thresholds, and align their decisions with existing risk programs and policies.


Tactical – For technical IT and security staff. This format focuses on executing technical response measures and communicating with decision-makers. It includes boots on the ground, direct technical incident response activities. 

In both formats, we will assess the participants' knowledge of approved escalation paths and their execution of an established communications plan.


We will test your incident response plan

A prompt cyber incident response can save millions in fallout. Conversely, an inadequate response may lead to a host of issues including loss of data, loss of revenue, fines and lawsuits, an inability to deliver services or a complete shutdown of business operations. 

This service will identify gaps and risk factors that standard assessments will not.

We don’t just walk you through a slide presentation. We facilitate a fully-interactive simulation tailored to your industry. During the tabletop exercise, we will challenge your team to communicate effectively, coordinate a response, execute their incident response plans, and react to the consequences of their actions.


We design custom incident response scenarios
relevant to your industry

What to expect:

  • 04 DEBRIEF

Simulation Design

We will review your relevant documentation* for our Simulation Design, including incidence response plans and playbooks, business continuity plans, disaster recovery plans, and enterprise risk management policies.

Kickoff Meeting

We’ll host a Kickoff Meeting to give an overview of the exercise, review the simulation format, and confirm each participant’s role. 

Tabletop Exercise

We facilitate the Tabletop Exercise. Each participant will receive a situation manual for reference and respond to given scenarios in a Conditions, Actions, Needs (CAN) format.


We Debrief the participants and deliver the Simulation Scorecard. During this high-value engagement, we will challenge attendees to describe what went right, what went wrong, and what they can do better next time.

*Need to create or update your incident response documentation first? No sweat! We can add on our Incident Response Plan service to build out an IR plan tailored to your business. 

You will receive:

  • A Simulation Scorecard
  • An Executive Summary
  • And our Recommendations based on your team’s performance

Our team of experienced incident responders has helped many organizations prepare for these crisis situations and test their plans.

With our Cybersecurity Tabletop Exercise, we will create a challenging scenario in a safe environment so you can assess — or prove — your team’s ability to coordinate the necessary response. 


Mirai Security is a process-focused consulting firm based in Vancouver, Canada. We are a dynamic group of cybersecurity experts with decades of experience building and operating security teams for the Canadian government, various critical infrastructure projects, the Vancouver 2010 Winter Olympics, and more.

In addition, we hold a rare engineering designation in the cybersecurity space, so our clients get novel insights and a proper, engineering-style approach to their enterprise network and data security. 

Cybersecurity is a fluid, complex field, and we’ve spent 30 years figuring it out so you don’t have to.