Skip to Main Content
Strengthen your email security practices with 50% off e-learning | Shop now
Cyber Incident Response Tabletop Exercises

Cyber Incident Response Tabletop Exercises

SKU: 5744
Format: Consultancy (annual)

Cyber attacks and data breaches are inevitable, but the faster and more effective your response, the more likely it is you can reduce the impact of an incident.

The threat landscape is constantly evolving, so make sure your organisation is ready to deal with any incident by independently testing your CIR (cyber incident response) capability.

The Cyber Incident Response Tabletop Exercises are provided by IT Governance’s sister company GRCI Law Limited, a specialist in data privacy, cyber security, and legal and compliance advisory services.

e-learning training options
Price: 5.895,00 €
ex. VAT

As leading cyber security incident experts, GRCI Law recommends rehearsing CIR plans annually, at minimum, to ensure they remain effective and that all staff know what their role and responsibilities are.

Our Cyber Incident Response Tabletop Exercises are conducted in a safe environment that engages and empowers staff from across your organisation. These exercises will highlight any deficiencies, recommend improvements and ensure that everyone knows what to do in the event of a cyber security incident.

This service provides your organisation with an experienced, independent CIR team, who will assess your current CIR capabilities in line with industry-recognised good practice.

This is a bespoke service, which is tailored for your organisation. We understand that no two organisations are the same and our consultancy team will work with you to ensure that these exercises address the risks that your organisation faces.

Download the service description

Call our GRCI Law team on 00 44 333 900 5555 to discuss how this service can help you.

See what our previous customers think about this service

“Cliff was awesome to work with. Was a great day working through the tabletop exercises.”

- Anonymous



  • Understand your organisation’s readiness to respond to a cyber incident.
  • Take action to mitigate deficiencies and protect against future incidents.
  • Highlights to internal and external interested parties your commitment to cyber security and the protection of your data and assets.
  • CREST-accredited service for maximum peace of mind.
Why choose GRCI Law?

Why choose GRCI Law?

  • Unlike other organisations, GRCI Law is a specialist legal consultancy, which only advises on cyber security, data protection and privacy.
  • GRCI Law’s Cyber Incident Response Service has been approved as a CREST-accredited service.
  • GRCI Law’s team of cyber security specialists, qualified lawyers and DPOs (data protection officers) has decades of experience in privacy and information/cyber security compliance programmes and personal data solutions for high-profile organisations.
  • GRCI Law takes a pragmatic approach to assessing and managing your data privacy needs, aligning standards and best practices with your operational and business requirements.

If you would like to know more about our CIR services, then contact our GRCI Law team on 00 44 333 900 5555 to discuss how we can help you.


This service is provided in English.

Your Team

Cliff Martin – Head of Cyber Incident Response

Cliff leads the Cyber Incident Response Service within GRCI Law. He began his career teaching computer systems and network technologies in further and higher education. He moved into the defence industry, where his main areas of expertise were risk management and accreditation, incident management and response, and secure systems architecture and configuration. Cliff has experience in both IT and OT environments. He understands the complexity of cyber security incidents and their potential impact on the business, its users and its customers.

John Potts – Operations Director

John is a data protection professional who has been working in data privacy for more than 12 years. As Operations Director for GRCI Law, he oversees service delivery and manages the GRCI Law consultant team. He set up our specialist data breach and DSAR (data subject access request) services and developed our Cyber Incident Response Service. He is also the DPO for a number of GRCI Law’s key clients. Before joining GRCI Law, John was Head of Information Rights and Head of Information Law and Security with the UK Metropolitan Police Service. Both roles involved regular contact with the UK regulator, the ICO (Information Commissioner’s Office). He has worked on several high-profile cases regarding information access rights.

Customer Reviews