CyberDrill Scenario Designer — Build Your SEBI ID.5 Tabletop Pack

Your Organisation

Scenario Type

Participants

Drill Parameters

Step 1 of 4 — Your Organisation

This shapes which regulatory obligations are active during the exercise.

Organisation Name *

Please enter your organisation name.

Sector *

Please select your sector.

Organisation Size

Previous Drills

Active Regulatory Obligations (select all that apply)

SEBI CSCRF CERT-In 2022 RBI Cyber Framework IRDAI Cyber 2023 DPDP Act 2023 ISO 27001

Why this matters: Your sector determines which regulators have parallel reporting obligations during an incident — CERT-In (6hr), RBI (6hr), IRDAI (6hr), SEBI (4hr), and DPBI (72hr) can all run simultaneously. The pack will map each inject to the correct reporting clock.

Step 2 of 4 — Choose Your Scenario

Pick the threat scenario most relevant to your sector's risk profile. The pack will auto-generate sector-specific context, injects, and regulatory triggers.

🔒

Ransomware / Extortion

File encryption, backup deletion, ransom demand. Tests BCP, communication, CERT-In 6hr reporting.

📤

Data Exfiltration

Customer PII or financial data stolen. Triggers DPDP 72hr + CERT-In parallel clocks.

📉

Trading / Core System Outage

Critical system unavailability during market hours. RTO/RPO and SEBI 4hr reporting tested.

🔗

Supply Chain Compromise

Vendor software backdoor or third-party breach. Tests TPRM, DPA obligations, lateral spread.

🕵️

Insider Threat / Data Leak

Privileged insider exfiltrating data. HR, legal, forensics coordination tested.

🌊

DDoS / Service Disruption

Internet-facing services flooded. Customer communication, ISP coordination, media handling tested.

Exercise Mode

Drill Frequency

Step 3 of 4 — Participant Roles

Select all roles that will participate. Each role gets a tailored briefing card with their obligations during the exercise. The biggest tabletop mistake is limiting participation to the security team.

Select Participating Roles *

CISO / Security Lead IT Operations Legal / Compliance Business Unit Head CTO / CIO Communications / PR Risk Officer Internal Auditor DPO / Data Protection Officer Vendor / Third-Party Rep MD / CEO

Please select at least 2 participant roles.

Facilitator Name / Role

Exercise Date (optional)

SEBI note: ID.5 specifically expects "all relevant stakeholders" — not only the security team. Cross-functional participation with senior management is a key differentiator that SEBI inspectors look for in drill evidence.

Step 4 of 4 — Drill Parameters

Final configuration for your drill pack. Customise the focus areas and output format.

Primary Focus Area

Drill Timing Simulation

Known Gaps to Test (optional — from previous drill)

Additional Evidence Requirements

SEBI ID.5 Drill Report CERT-In Drill Evidence Board Pack Annex IRDAI Attestation Support ISO 27001 A.5.24

Your CyberDrill Pack is Ready

Review each section, check off evidence items, then print or export.

01 — Scenario Brief

02 — 90-Minute Exercise Agenda & Inject Sequence

03 — Participant Role Cards

04 — SEBI ID.5 / CERT-In Evidence Checklist

Run This Exercise in the CyberDrill Module — Practitioner Toolkit

The full CyberDrill module inside the Practitioner Toolkit gives you a pre-built scenario library, real-time inject delivery, live participant response capture, and automated audit-grade drill report generation. Built specifically for SEBI ID.5 evidence that withstands inspection scrutiny.

Open CyberDrill in Practitioner Toolkit → Read the CISO Playbook

CyberDrill Scenario Designer & Tabletop Pack Builder

Run This Exercise in the CyberDrill Module — Practitioner Toolkit

Explore More Practitioner Tools

Run Evidence-Grade CyberDrills