May 2026 edition of BlueOrange Connections
Hi friend,
A quick glance around the table paints the picture. More than one player has their beverage of choice. A few have printed manuals; others are looking at the rules online. Some are eager to begin, and at least one person isn’t quite sure how they got talked into playing.
“Sometime overnight, you get an alert. A daemon is trying to breach your outer wall. Your edge defenses are failing. It slips past your security team and makes its way to the treasure. What do you do next? Roll for initiative.”
If the scene above reminds you of game nights of your youth, you’re not far off. Similar scenes are playing out in meeting rooms across companies worldwide. Once seen as a “nice to have” element of a security program, incident response tabletop exercises are becoming a vital component in the ever-evolving cybersecurity landscape.
When these exercises are conducted regularly, organizations can put their security programs to the test. A well-guided scenario highlights the strengths and weaknesses of the incident response plan. The first step in understanding your resilience to a cyber attack is understanding how the organization would respond.
The exercise presents a low-stress, no-fault framework for exploring and testing responses to various threats and scenarios without risking systems or live data.
In addition to testing elements of the security plan, these exercises also shine a light on an uncomfortable truth – security isn’t just an IT concern. IT teams are often relied upon to establish, configure, and maintain the security of the environment, but a successful exercise helps ensure familiarity with the incident response processes and gives all involved, not just IT, a chance to explore their role in dealing with a simulated event.
When a true cybersecurity event or attack occurs, responders can call on what they’ve learned from participating in tabletop exercises, combatting the fear of the unknown or unfamiliar because they’ve practiced and prepared for it.
If you’re ready, BlueOrange can help. Let’s grab those dice and roll for initiative!
Read more in Todd’s blog: Beyond the Checklist: How to Run Successful Tabletop Exercises That Truly Test Your Organization’s Resilience
Todd Skaggs
Security Analyst and IRTTX Program Lead, BlueOrange Compliance
Join us for an informative webinar on June 3 at 2:00 PM
In this session, we’ll break down how organizations are turning fragmented alerts into coordinated, real-time response by operationalizing MDR, EDR, and SOC capabilities.
HIPAA Security Risk Assessment
Don’t wait until compliance deadlines or cyber incidents put your hospital at risk. Partner with BlueOrange Compliance for a HIPAA Security Risk Assessment that strengthens both compliance and patient safety.
Become a Cybersecurity Insider
We’re excited to invite you to join our Cybersecurity Insider Program (CIP) — your exclusive gateway to the latest healthcare cybersecurity insights and resources.
Register today to get these exclusive benefits:
- On-Demand Learning Library
- Exclusive Member Offers
- Early Access to Specialized Content
- CIP Roundtables, Webinars, & Events
Events & Webinars
LeadingAge Southeast Convention | July 13-14 | Orlando, FL | Signia Hilton Bonnet Creek. Learn more
Product & Platform Updates
- BlueOrange Compliance Elevates Cybersecurity with NIST CSF 2.0
Healthcare organizations continue to face rising cyber threats, tighter regulatory scrutiny, and increasing operational pressure. In this environment, a strong, future-ready cybersecurity and compliance posture is essential. That’s why BlueOrange Compliance is proud to announce our transition to the NIST Cybersecurity Framework (CSF) 2.0, fully integrated with NIST SP 800-53 Rev. 5 and NIST SP 800-66 Rev. 2. This upgrade replaces our previous assessment approach rooted in 800-53 Rev. 4 and 800-66 Rev. 1, offering a more comprehensive, modernized, and aligned path to security and HIPAA compliance. Read More → - EDR Powered by SentinelOne: Simplify endpoint protection and visibility. Read More →
Resources & Insights
- Recent Blogs – Expert perspectives on data protection, cybersecurity, compliance,and cloud strategy.
- Endpoint Detection & Response Digital Hub – Access resource guides, webinar recordings, blogs, and best practices.
- Tell Your Story – Help other healthcare organizations by sharing how you’ve overcome your technical and security challenges. Email Us →
Thank you for being part of our BlueOrange Compliance customer community. We’re proud to support your mission to keep healthcare safe, connected, and resilient.
Stay tuned for next month’s issue!
– The BlueOrange Team