What's the point of conducting a tabletop exercise and who should be involved?
How do you prepare for a tabletop? How often should you host a tabletop exercise?
What can go wrong in a tabletop? What should you do if the exercise doesn't go well? What important topics should you focus on?
Michael Marrano is a cybersecurity professional focused on providing Virtual CISO and Cybersecurity services for clients. He assists organizations with everything from digital transformation to assessing cyber risks and implementing cybersecurity programs. Michael has been honing his skills as a real-world technology and information security practitioner over the last three decades. Early in his career Michael managed technology on trading floors such as NYSE, AMEX, PHLX and has been focused on technology and cybersecurity in the alternative investment industry since 2000. Michael is a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified Information Systems Auditor (CISA) with extensive experience in consulting, audit and business leadership roles. Michael is the author of “The Human Firewall Builder – Weakest Link to Human Firewall in Seven Days”, a Cyber and Homeland Security master’s scholar at Fairleigh Dickenson University (NJ) and previously held roles such as Senior Principal Cybersecurity Consultant, Managing Director, a former Chief Technology Officer (CTO) and Chief Information Security Officer (CISO).
As Chief Information Security Officer of DataBank, Mark brings over 25 years of extensive information security and information technology experience in a wide range of industries and institutions. Mark joined DataBank in September of 2017 with the acquisition of Edge Hosting (CISO since 2015). In his leadership position, Mark’s responsibilities include strategic planning, oversight of security and compliance, as well as providing subject matter expertise for developing and maintaining a comprehensive, integrated information security and compliance program.
Mark is a successful and sought-after security speaker, blogger, podcaster, and entrepreneur. He has been responsible for security and compliance solutions at Fortune 50 financial and banking institutions, health care entities, the CTO in a higher education institution, a technical operations manager in a startup as well as the role he credits for starting it all, a Cryptologist with the U.S. Navy.
Beyond his professional dedication to information security, Mark also donates his time and expertise to the economic security of individuals and organizations in need, both here and abroad. Mark is also a talented and published aviation photographer and enjoys spending time with his wife watching their boys play sports.