User Tools

Site Tools


8-31-2017-martin-cxo-table-top

Overview

This was an event ran by Martin at our 8/31/2017 meeting. The topic was “CXO Table Top” - the event was a selection of scenarios where we were given roles of a C-Level Executive within a pre-determined scenario. Starting with the attacker, each person was given one move, or play. Valid moves are anything within reason that an organization could do.

Potential roles & order of play: Attacker → CEO → COO → CFO → CIO → CMO → Repeat till time.

Our time limits were unfortunately set to 15-20 minute constraints.

A scenario for example, would be:

You walk in at 8AM & nobody can work due to ransomware on all the PCs.

Attack Move 1: I'd do nothing this first round, as they are already disabled

CEO Move 1: .

COO Move 1: .

CFO Move 1: .

CIO Move 1: .

CMO Move 1: .

Attack Move 2: I would post news of the attack to social media as they have not done that yet.

CEO Move 2: .

COO Move 2: .

CFO Move 2: .

CIO Move 2: .

CMO Move 2: .

Attack Move 3: I would see about social engineering the site so I can maintain persistent access. I would see if I can implement attacks on the wire & compromise their updates.

CEO Move 3: .

COO Move 3: .

CFO Move 3: .

CIO Move 3: .

CMO Move 3: .

By this time, the time had been called, but you can see how this can go on for a long time if you are up for it & have dedicated players. After one scenario has played out, new individuals are selected for the next scenario.

Slide Deck

Speaker or Attendee Notes

Any feedback for additional advice or resources should be directed messaged to @mgep104 on Twitter.

Additional Resources

Here are some additional resources if you want to learn more.

Link Description
Defensive Security Handbook An awesome book that discusses scenarios like these in the very first chapter
8-31-2017-martin-cxo-table-top.txt · Last modified: 2017/09/01 16:22 by darksim905