There are a number of great online resources to help you develop a successful cyber (or any other) exercise. Here are some of the best we’ve found:
How to run a cyber exercise:
Cyber Exercise Playbook, MITRE. Detailed step by step process on how to run a large scale objective driven exercise. Very much follows a military exercising process.
San Francisco Department of Emergency Management Exercising Toolkit. Overview of different types of exercise (discussion vs operations based) and when each type of exercise may be appropriate.
EU agency for network and information security. Information on EU wide exercises and how to plan and resource large scale exercises. Good crossover with NIST. Best document is the good practise guide – but mainly applicable for large exercises. Also information on previous exercises at EU level.
Guide for Designing Cyber Security Exercises. An academic research paper. Covers the issues to be thought about when designing an exercise. Good links to other academic material.
Scenario / narrative ideas:
Headlines of recent cyber incidents and data breaches. Useful for developing a realistic scenario.
Cyber security vulnerabilities/headlines – CERT-US. CERTUS list of current vulnerabilities discovered / patches released alongside other threat info. Good for technical scenario development.
Standards / information to help you handle the in game exercise:
NIST Incident handling. Detailed information on how to plan and respond to an incident:
NCSC advice page on incident handling. Good, simple, authoritative advice.
Learning from other exercises (non-cyber):
Financial sector. US financial sector exercise template.
Disaster planning information. A US government resource for disaster management in general.
Business continuity exercises. Good set of scenarios to rehearse, and considerations for planning the rehearsal exercise.