Whitepaper | Mandatory cyber crisis and tabletop exercises in financial services

March 12, 2026 | Richard Suls

Gain clarity on U.S. and EU tabletop and crisis exercise requirements

In the United States and the European Union, regulators now look for evidence of structured testing, senior management participation, and documented improvement.

In this whitepaper, Richard Suls analyzes the regulatory landscape in the U.S. and EU, identifies where a cybersecurity crisis or tabletop exercise is explicitly mandated or effectively unavoidable, and clarifies how supervisors interpret “testing” in practice.

If you are a financial institution operating in the U.S. or EU, this whitepaper will clarify regulatory requirements and help you design cybersecurity tabletop and crisis exercises that withstand regulatory scrutiny.

Inside the whitepaper:

  • Regulatory landscapes in the United States and European Union
  • Comparison of PCI DSS, federal banking and securities regulators, NYDFS, DORA, and NIS2
  • Practical guidance on designing compliant exercises
WHITEPAPER

Mandatory cyber crisis and tabletop exercises in financial services

Download

Related content

Whitepapers

Connecting the dots: Shared requirements of ISO 27001, NIS2, DORA, and NYDFS

March 28, 2025
Connecting the dots: Shared requirements of ISO 27001, NIS2, DORA, and NYDFS
Webinars

Shared requirements of ISO 27001, NIS2, DORA, and NYDFS

September 16, 2025
Shared requirements of ISO 27001, NIS2, DORA, and NYDFS
Webinars

Webinars – NYDFS Cybersecurity Regulation

October 2, 2024
Webinars – NYDFS Cybersecurity Regulation

Don’t be a stranger, let’s get in touch.

Our team of dedicated experts can help guide you in finding the right
solution for your unique issues. Complete the form and we are happy to
reach out as soon as possible to discuss more.

This site is protected by reCAPTCHA and the Google
Privacy Policy and Terms of Service apply.