Search papers, labs, and topics across Lattice.
This paper introduces a hybrid Tabletop Exercise (TTX) framework for cybersecurity education in the maritime sector, designed to improve executive decision-making during cyber incidents. The framework incorporates a mathematical model (SERDUX-MARCIM) to simulate cyberattack propagation and infrastructure impact, providing a dynamic and interactive training environment. Validation exercises in Argentina and the United States demonstrated improved Cyber Situational Awareness (CSA) and governance understanding among participants.
C-level executives can now train for cyberattacks with a dynamic tabletop exercise that mathematically models the cascading impacts on maritime infrastructure.
As cyber threats grow in complexity and scale, many security incidents remain poorly managed due to the lack of proper training among C-level executives. Thus, there is a need for targeted cybersecurity education to enhance executive decision-making and crisis response. Traditional training methods, such as cyber wargames and Tabletop Exercises (TTX), aim to develop abilities to face critical incidents, however, they often lack the interactive and dynamic elements required to prepare individuals for real-world cyber incidents. This paper presents a novel approach to cybersecurity and cyberdefense education through the design of a specialized hybrid TTX for the maritime domain, which uses a framework to model mathematically how a cyberattack spreads along multiple nodes and impacts infrastructure. Our proposal was validated through exercises in Argentina and the United States, demonstrating a positive impact in developing the comprehension and projection levels of Cyber Situational Awareness (CSA), and reinforcing governance. Documentation about the Hybrid TTX, scenario, datasets and implementation of the SERDUX-MARCIM model, is available at the project repository at https://github.com/diegocabuya/SERDUX-MARCIM
