Ransomware · intro · ~60 min

SMB Ransomware Readiness — The Tabletop Your Carrier Asked For

Your file server starts encrypting on a Sunday night. No regulator is calling, but your cyber-insurance carrier wants documented evidence of a tested IR plan at renewal. Run the exercise that produces it.

Learning objectives

  • Walk the NIST CSF 2.0 Respond (RS) function end to end without prior IR experience.
  • Make the pay-or-don't-pay decision under time pressure and document the reasoning.
  • Produce an after-action report (AAR) that a non-technical board and a cyber-insurance underwriter can both read.
  • Identify the three CIS Controls IG1 gaps the exercise revealed.

Scenario brief

## Scenario context

Anchor scenario for general SMBs — the buyer who isn't compliance-driven but
is being asked, by a carrier or a customer or a board, for documented proof of
IR readiness. Designed to be runnable by a small team without a CISO.
