Browse the live library, sample one month, and preview the calendar
Browse the library →Free preview — no purchase requiredAbout this product
A Tier 3 bundle covering 10 different cyber incident scenarios at audiences from finance team to board: ransomware on a critical vendor; insider data exfiltration discovered post-departure; AI deepfake wire fraud; nation-state vendor compromise; SEC 4-day materiality decision; CFO impersonation BEC; ransomware pay-or-not decision; cloud bucket exposure; AI prompt injection; and malicious dependency in production code. Each scenario includes a 45-60 minute facilitator script with staged discussion prompts, common failure modes, and the after-action template that makes the exercise documented evidence of board cyber oversight (SEC Item 106). Plus a facilitator guide for running any tabletop well and an after-action documentation template. Designed for quarterly use — pick one per quarter, rotate through 4 per year, demonstrate continuous improvement to regulators and insurers.
What's included
- 10 ready-to-run scenarios with full facilitator scripts
- Facilitator guide with anti-pattern guidance
- After-action documentation template
- Scenarios for finance / exec / board / engineering / cross-team audiences
- Common failure modes and gotcha guidance per scenario
- Evidence framework for SEC Item 106 / ISO 27001 / insurance
- Customizable for your environment
Who it's for
- CISOs running tabletop programs
- Boards demonstrating cyber oversight
- Audit committees preparing for SEC scrutiny
- Risk management teams meeting insurance requirements
- Security awareness leads needing board-level content
Licensing
Single-organization license. Modify scenarios freely. Don't redistribute externally.
Related products
Executive & Board Cyber Briefing Kit
A polished 15-minute board cyber briefing kit — slides, speaker notes, 24-question Q&A prep, materiality worksheet, tabletop prompts, and an emergency briefing template. Everything the CISO needs to deliver to the board without writing from scratch.
Compliance Crosswalks — Map Awareness Training to Your Framework
Defensible mappings of every ForgeAwareness product to NIST CSF 2.0, ISO 27001:2022, CIS Controls v8.1, SOC 2, PCI DSS 4.0.1, and HIPAA — plus 8 audit-evidence templates auditors actually accept.
Secure AI Use: Advanced
A 60-minute course for the people who deploy AI — champions, builders, and team leads — covering prompt injection, agentic blast radius, data governance, vendor risk, and how to run a secure AI program.