What did we discover about the world’s cyber workforce capabilities? Dive into the data with us to find out. Read More >

Cyber Crisis Response: Fit for today's threat landscape?

Cyber crisis response and preparedness is on everyone’s lips, yet organizations’ efforts are failing to adapt to modern threats. Discover the first definitive report into cyber crisis preparedness, led by Osterman and Immersive Labs.

The Definitive Report into Cyber Crisis Preparedness

Tabletop exercises have long been considered an essential tool in preparing organizations to face cyber crises. While they once played a vital part in helping workforces deal with cybersecurity incidents, they’re now rapidly falling into obsolescence. 

So what’s the alternative? How many organizations still rely on PowerPoint-driven tabletop exercises to bolster their incident response plans? Is this legacy method of defining cyber crisis response widening the gap between attackers and defenders? 

In collaboration with Osterman Research, we tapped into the collective consciousness of over 400 CISOS and senior security leaders. We sought to discover how influential security professionals prepare for the worst – and just how far behind legacy training techniques have fallen. 

Our Key Findings


Most tabletop exercises take place annually

Between 2019 and 2020, 50 large, publicly acknowledged breaches took place. Can annual exercising keep pace in a threat landscape that shifts almost daily?


Customer and communications teams are under-represented at cyber crisis exercises

When things go wrong, it has to be all hands on deck. But only 13% of CISOs bring customer teams into exercises and 20% involve communications executives.


The most common scenarios involve data breaches, ransomware attacks, and spear-phishing attacks

59% of recent exercises were focused on data breaches, 57% on ransomware attacks, and 45% on spear-phishing attacks, with most organizations running multiple scenarios during a single exercise.


Tabletop exercises are expensive and time consuming

Most organizations spent more than $30,000 on their most recent exercise, with 13% engaging more than 20 people.


Most cybersecurity professionals believe tabletop exercises have helped prepare their organizations to respond to crises

Nearly 80% of those questioned believe the exercises have prepared their organization to respond to future cyber threats.

Immersive Labs enables you to evidence your cyber capability, risk and resilience across technical and non-technical teams in one platform. We call this cyber workforce optimization.

Follow Us

Read Immersive Labs reviews on G2