Daniel Welling welcomes back cybersecurity advisor Adam Pilton (Heimdal Security) for a masterclass on cyber tabletop exercises. Adam defines a tabletop as a staged rehearsal where senior leaders and key responders use the organisation’s incident response procedure while a facilitator introduces evolving information, aiming to build confidence, stress-test decision-making, and improve communication. They discuss common failures like missing or outdated incident response plans, the facilitator’s role in preparing and tailoring scenarios, and differences between SMEs (often using pre-made exercises) and enterprises (more tailored). MSPs should participate, with the on-the-day MSP representative not knowing what comes next, and facilitation can be segmented to reduce bias. Success means surfacing lessons learned, and Adam recommends at least annual exercises, ideally quarterly, including smaller segments within QBRs. He outlines six pillars of effective incident response and highlights the MGM incident as a communication case study.
00:00 Welcome and Guest Intro
01:20 Tabletop Exercises Defined
03:13 Game vs Serious Stress
04:20 Incident Plan Pitfalls
06:29 Facilitator Prep and Tailoring
10:51 SME vs Enterprise Approach
12:26 MSP Role and Independence
15:10 What Success Looks Like
17:01 Where and How Often
19:40 Packaging as Recurring Service
22:21 Six Pillars Framework
24:48 Communication Case Study MGM
28:27 Selling Security Upgrades
30:32 Wrap Up and Contact
Listen on Spotify or Apple Podcasts
Connect with Adam Pilton on LinkedIn by clicking here –https://www.linkedin.com/in/adampilton
Connect with Daniel Welling on LinkedIn by clicking here – https://www.linkedin.com/in/danielwelling/
Connect with Adam Morris on LinkedIn by clicking here – https://www.linkedin.com/in/adamcmorris/
Visit The MSP Finance Team website, simply click here –https://www.mspfinanceteam.com/
MSP Glossary: MSP Finance Glossary Explained | MSP Finance Team
We look forward to catching up with you on the next one. Stay tuned!