Table-top Exercises

In 2015, we conducted a table-top exercise with a cross-section of our marketplace firms to test information-sharing between regulators in the event of a systemic attack. The exercise resulted in guides about cybersecurity best practices and cybersecurity incident responses, also released in 2015.

In 2018, we conducted a table-top exercise for small and medium-sized Dealers. Small/medium-sized Firms don’t typically have the resources of larger firms to manage risks. We wanted to provide a forum for them to speak with each other and with cybersecurity experts, and collaborate and discuss common industry cybersecurity threats and low-cost best practices to manage risks. The exercise was designed as a series of four separate case studies and participants discussed crisis responses in small facilitated groups. At the end of the exercise, recommended solutions were provided.

CIRO conducted two cybersecurity table-top exercises in 2023 for small and medium-sized CIRO member firms. Refer to the Notice for details.