Using the Cyber Table Top (CTT) Process to Perform a Cyber Risk Assessment
Summary
The Cyber Table Top (CTT) process, developed in 2014 for DoD customers, addresses the overload of findings from traditional scanning tools by focusing on vulnerabilities that pose the highest mission risk. This multi-day wargame brings together system stakeholders and red teams to evaluate threats that could deny, degrade, disrupt, or destroy a system's core mission.
IFF Assessment
The CTT process is a defensive methodology designed to improve risk assessment and resource allocation for cybersecurity, directly benefiting defenders by helping them prioritize critical vulnerabilities.
Defender Context
The CTT process offers a valuable approach for defenders to move beyond simply identifying vulnerabilities to assessing their true impact on mission objectives. This allows for more effective prioritization of limited resources, ensuring that the most critical risks to system functionality and operational continuity are addressed first.