Using the Cyber Table Top (CTT) Process to Perform a Cyber Risk Assessment

Summary

The Cyber Table Top (CTT) process, developed in 2014 for DoD customers, provides a risk-based approach to cybersecurity assessments by focusing on mission impact rather than just the sheer number of vulnerabilities. This multi-day wargame brings together various stakeholders to evaluate threats and prioritize remediation efforts.

IFF Assessment

FRIEND

The article describes a defensive methodology that helps organizations prioritize their security efforts and resources to address the most critical risks, which is beneficial for defenders.

Defender Context

The CTT process offers a valuable framework for defenders to move beyond simple vulnerability counts and focus on the real-world impact of threats on critical missions. By integrating operational context with technical findings, organizations can better allocate resources for effective risk mitigation.

Read Full Story →