Health Cybersecurity: Tabletop Exercises

By Shelby Kobes on October 5, 2022


The Healthcare Industry IS a Target

*Updated January 2023*
In response to what we see happening around us, Online's Cybersecurity Health team has designed Tabletop Exercises specifically for Health Centers, Health Care Associations, and Digital Health Tech businesses.

The Healthcare industry is very vulnerable to cyber-attacks and has elevated security risks due to increased remote work environments, virtual care models, and highly sought-after PHI data. Incident response and cybersecurity are more important now than ever before, and Health Centers are tasked with integrating new policies and procedures into their general IT operations to protect against costly security breaches.

In this post, we want to share some additional information about Tabletop Exercises, why we think they are so valuable, and how they work. While the focus of this piece is on healthcare, we run similar Tabletop Exercises for clients across a wide range of industries.


What is a Tabletop Exercise?

A Tabletop Exercise is a hands-on simulation designed to bring organizational awareness to potential security incidents and to identify gaps in your incident response plan. Additionally, this type of interactive exercise identifies areas for more focused training as organizations look to protect themselves against security breaches.

In a controlled environment, Tabletop Exercises are designed to be low-stress and are customized to the unique business requirements of each organization. They allow teams to come together in a safe place to assess the in-place procedures and plans, leaving the session with deliverables to build into the existing security program.


In 2022, data breaches in Healthcare in the US cost businesses an average of $10.10 million USD per incident, $5.64 million in Canada, and $15.87 million throughout the EMEA region. That’s an average 7% rise compared to 2021 and it has been estimated that lost or stolen PHI may cost the Healthcare industry up to $7 billion USD annually.

Healthcare has more reported security breaches than any other sector.

What makes the Healthcare sector such a target? Data from medical records is sought after by the cybercrime world because these records contain complete PHI, making it efficient and more profitable for cybercriminals, contributing to 95% of all reported identity thefts – 25 times higher than credit cards.
Source: IBM


Health Cybersecurity: Right-Sized Tabletop Exercise

Online’s Health Cybersecurity team has put together a bundle of services to identify the needs of your business and integrate security measures that meet the requirements of your evolving security program – from Security Risk Assessments to Incident Response Planning and Tabletop Exercises.


Working with our clients, Online’s Health Cybersecurity team facilitates workshops to train representatives from medical centers and health-focused businesses on the concepts of security incident response preparation and execution – Tabletop Exercises are key components of each workshop. The Tabletop Exercises are customized using real-life scenarios as learning events, and are intentionally designed to address common threats and ultimately train participants to know how to respond to incidents before they happen.



The typical format for Tabletop Exercises involves:


1 – Set the Stage.

A successful tabletop simulation is a direct result of preparation, so we dig deep and work to ensure the exercises are designed to be realistic and simulate attacks that are relevant to the business.

2 – Get the Right People in the Room.

Determining who should be involved in the exercises is critical to a successful outcome. Involve Operations, Clinical, IT, Security management, and other members from Incident Response teams. We also encourage including members from Human Resources, Legal, C-Suite, senior management, and risk/compliance. You will quickly discover how these scenarios touch every part of the organization!

3 – Encourage Discussion.

Facilitator-led group discussions, with a focus on process and dialogue, start the exercise to review the effectiveness of strategies and tactics. A lot can be discovered in an open forum discussion in a round table format, failures and all.

4 – Add Complex Challenges.

Additional challenges are introduced to the presented scenarios to widen the scope of cybersecurity problem-solving. As the name indicates, these exercises present simulated cyberattack situations for your team to navigate.

5 – Key Takeaways.

There is always something to learn in every organization. Following the exercise, participants will better understand how to handle a security incident of any shape, size, and type. Together, we will review the gaps and failures identified, discuss action items to help improve security weaknesses, and build on the strengths within the organization.

Over and over again we hear from workshop participants how helpful and eye-opening the Tabletop Exercises are. What excites us even more is how we are seeing the outcomes from these sessions help mature the security program, and ultimately the security posture, of participating organizations.

If you are interested in learning more about the Tabletop Exercises our Health Cybersecurity team delivers, we’d love to hear from you. Get in touch today.

You can find additional information about how to protect your healthcare organization in our Health Cybersecurity Resource Center.


