When your public statement on a crisis gets leaked before it’s even sent, you realize the real crisis isn’t just outside—it might be on the inside, too. How would your leadership team respond under this kind of pressure? What does your team do next when communications likely can’t be trusted?
Like a “ghost in the wires,” a silent threat actor silently undermines your operations, striking your most important systems. Reports of telecommunications breaches in late October 2024 are a clarion call for organizations across sectors, especially given their potential to disrupt governance or erode public trust.
For boards and councils, they underscore an urgent need for improved collaboration between operations and administration teams to prepare for these types of incident response challenges. As disruptive as a situation like this may be, those at the decision-making table must quickly address the immediate threat while maintaining public confidence.
Put another way: What’s more damaging, the crisis itself or the unpreparedness which follows?
Introducing the Tabletop Exercise (TTX)
A TTX can serve as an invaluable way to evaluate how boards, councils, leadership teams, and operational staff would respond to this kind of a situation. By simulating real-world scenarios, a TTX brings together key stakeholders to discuss “what ifs.” The TTX looks to ‘pressure test’ existing policies and procedures. An inject—timely, supplementary information that complicates the scenario—can take the exercise to the next level by introducing realism, while pushing participants to think critically. Injects are what make TTX scenarios truly dynamic; forcing participants to grapple with unpredictable twists, much like what would take place in a real-world situation.
For instance, imagine an inject where a public statement has been leaked, and all existing communications channels—like email or instant messaging—are flagged as compromised. The question becomes: What now? Remember, the clock is ticking. Every misstep potentially risks creating an even larger crisis.
If your team doesn’t have alternative, trusted communication channels already in place, the focus likely shifts from crisis management to damage control. This is precisely why TTX activities are so valuable. TTX exercises can uncover gaps in policies, procedures, or platforms before a ghost in the wires can exploit them.
Pressure Testing Alternate Communications
Consider the same example: with no secure way to coordinate internally, teams may scramble to find workarounds. Without secure internal coordination, decision makers may gravitate toward temporary fixes which can create confusion and potentially introduce new risks.
A TTX could highlight the need to establish and test secure communication channels, like Signal, or other encrypted platforms, well ahead of an actual crisis. By embedding these tools in policies and practices, your organization’s decision makers can move from being reactive to proactive—acting with reflexive confidence when it matters most.
The power of a TTX lies in its ability to enable organizations to shift from reactive measures to a continuous state of readiness. In this example, with secure communication systems already in place, key decision makers could approach a public statement leak not with panic but with practiced confidence.
A well-run TTX can potentially transform “what if” scenarios into “we’ve got this” moments. Such moments can give decision makers the clarity and tools they need to succeed under pressure. Even if a “threat actor in the wires” emerges, your organization can be more resilient. For councils and boards, this also means staying “out of the weeds” and, instead, focusing on being the steady hand which can uphold governance while reassuring stakeholders.
Need Help?
If your board, council, or operational team isn’t ready to respond to a crisis like this, let’s fix that. I specialize in designing and facilitating custom Tabletop Exercises which help build resilience and confidence at every level of your organization, including boards and councils. Whether you’re tackling IT breaches, communications crises, or anything in between, I can help your team go from reactive to proactive. Reach out to discuss how we can prepare your organization for the challenges ahead. Don’t wait for the gaps to be exposed during an event. Let’s build your resilience now.
0 Comments