In a recent webinar, entitled “Conducting an Effective Tabletop Exercise
,” the Hedge Fund Law Report, along with its sister product, the Cybersecurity Law Report, investigated how firms should develop and conduct tabletop exercises – necessary tools for testing the functionality of a firm’s incident response plan and identifying gaps and other weaknesses in the firm’s cyber preparedness. The program was moderated by Shaw Horton, Associate Editor of the Hedge Fund Law Report, and featured Luke Dembosky, partner at Debevoise & Plimpton and former DOJ prosecutor; John “Four” Flynn, chief information security officer of Uber; and Jill Abitbol, Senior Editor of the Cybersecurity Law Report. This article, the second in a two-part series, outlines ways advisers can successfully conduct tabletop exercises, including their content and scope; participant engagement; common errors; and follow-up. The first article
addressed how fund managers can effectively develop tabletop exercises, including whether they should be conducted in-house or externally; who should participate; what role counsel should play; and how frequent and long they should be. See “Panel Addresses Regulatory Compliance and Practical Elements of Cybersecurity Testing”: Part One
(May 21, 2015); and Part Two
(May 28, 2015).