Crisis Management Services

Build and improve your crisis response infrastructure with expert support from Red Goat

Contact us

Organisations that prepare for a cyber attack recover faster and incur less costs than ones that fail to prepare

Looking to improve your ability to plan for a cyber incident and respond better if one occurs?

A cyber crisis is an abnormal event, usually a cyber-attack from an internal or external attacker, that occurs within a compressed period of time where the operational, financial and reputational interests of your organisation are under threat. The strategic response we give to such events is usually a defining moment for the organisation. Cyber events are usually fast moving and highly disruptive. Those that have planned, prepared and rehearsed scenarios and plans tend to emerge in a better position for their organisation and the stakeholders.

We provide a range of crisis management services to help your organisation improve your level of crisis preparedness and response such as development of plans and playbooks, audits, immersive crisis exercises and cyber crisis management training. Our experts have over a decade of experience in managing complex risk, planning and exercising.

Cyber Crisis Exercise

An immersive and evolving cyber attack exercise to test your plans and strategic and tactical responses.

An immersive and evolving table top exercise to test your strategic and tactical response to an incident. It helps prepare you for an attack and allows you to test how key staff make and communicate vital decisions in a developing situation.

Includes full development and delivery of a custom exercise focusing on your priorities, a post exercise debrief and a full report of outcomes and recommendations.

Full details on the cyber crisis exercise page.

 

Crisis Management Plan Development

Red Goat helps you develop clear and effective plans for use in a crisis.

Crisis management plans are important functional documents which need to be useable and well thought through. For any organisation to be ready for a crisis they need robust plans, policies and frameworks. Many organisations have either incomplete plans or lack plans altogether and lack either the time or the resources to create plans that can fulfil the function they need to. Any crisis management plan needs to be usable under pressure, understood by the crisis management team and periodically reviewed, usually after an exercise, to ensure it is fit for purpose.

We work in a collaborative way, speaking with your team and members of your crisis management team to create effective and usable crisis management plans, toolkits, playbooks and policies and making sure they align with other areas of organisational resilience.

We also develop and deliver a plan communication strategy to ensure that all members of the crisis management team have been trained on the new plans, policies and toolkits and it is used as an internal employee awareness campaign to further enhance your resilience.

Crisis Management Plans Review

A 360-degree review of your existing plans with practical suggestions for updates and improvement.

Crisis management plans need to be kept up to date and relevant.  Many organisations have plans which are either outdated or incomplete when it comes to the challenges facing the organisation. We provide expertise and a fresh pair of eyes to help you improve your plans, either prior to an exercise or as part of an annual review.  We work with you to understand your existing plans and provide clear ideas for improvement based on industry best practice and the realistic threats you may face. At the end of this process, you can either implement the updates yourselves or we can work together to implement the improvements and organise organisation wide communication of the plans giving you more robust and effective plans to work with in the event of an incident. We can even run executive briefings to train your crisis management team on the plans, playbooks and checklists.

Crisis Management Training/Workshops

A range of training, coaching and briefing sessions to increase the confidence and competence of your CMT.

Our training sessions focus on examining key areas of crisis management such as crisis communication, media training, leadership, teamwork and learning from conducting a deep dive analysis of crises experienced and handled effectively by other organisations and government agencies.

We have expert trainers all qualified to level 3 in education and training who can deliver enjoyable and informative training sessions on:

 

1. Crisis management best practice

Analysing the core components of crisis management best practice taking the guidance from ISO, NIST, the NCSC and CPNI and delivering it in a consumable way. We help your crisis management team understand the scope and limits of their roles, the legal and ethical responsibilities in a crisis and what the gold standard of response looks like. This training is bespoke to your industry and organisation so can also incorporate advice from industry specific regulators.

 

2. Crisis media communications

Being able to communicate effectively is a key skill to getting your message across during a crisis. Crisis media training gives you the skills you need to be a confident spokesperson who communicates your message under intense media pressure.

As well as practical exercises to improve your skills we analyse and learn from real-world media statements in order to help you avoid common pitfalls and find a delivery style that works for you.

Crisis media training can be conducted as part of a cyber exercise or as a separate event.

 

3. Crisis leadership and teamwork

We examine what the key areas of crisis leadership are and how effective leadership can have a large impact on how well the organisation deals with a crisis. Our trainers will explore the different crisis leadership styles and skills needed as well as how to communicate with stakeholders such as board members and shareholders during a crisis. We also look at what it takes to be an effective leader in a crisis handling panic and fear, cognitive biases and how to make accurate risk assessments in high pressure situations.

 

4. Loggist training

Loggists provide a vital role in a crisis situation by accurately recording what has happened. Ineffective logging can turn a crisis into a disaster if there is misunderstanding about actions taken or inaccuracies in time stamping decisions for instance. During any incident keeping a log will give you a clear record of what you decided, what actions you took and when and why you chose that course of action and when information came to your attention. This can prove valuable when you review the crisis management response after the event or even in the event that someone decides to take you to court or a regulator decides to take action after the incident.

The loggists will record this information, time stamp it and give the CMT access to it in real time in an easy-to-use format that is categorised and user friendly.

Loggists need to be able to be calm and work well under pressure. They need an eye for detail and should be excellent multitaskers. They are put in a position of trust as they are handling and recording potentially very sensitive information. For this reason, it is recommended that they are given good quality training and continued practice during each and every exercise you run.

Our training is delivered either in person or virtually and is tailored to your organisation to ensure your loggists are highly trained and confident in their role.

We look at:

  • How to capture key pieces of information, actions and decisions;
  • How to chase up information that may be incomplete or lacking in detail;
  • How to time stamp records properly;
  • How to create user friendly records;
  • How to quickly categorise information and decisions;
  • Electronic vs paper logging;
  • How to secure and protect the logs post incident.

 

5. Bespoke crisis management plan and toolkit training

This training is conducted after a review or development of your crisis management plans, policies and toolkits.

The training sessions are particularly effective when combined with our cyber crisis exercise service. This enables your crisis management team to walk into the exercise with more confidence to take on the challenges set and helps develop your maturity and resilience faster.

 

Get in touch to discuss how we can help you achieve your security awareness or resilience goals.

By submitting your message and your phone number and/or email address, you are permitting us to contact you by these means in response to your enquiry or feedback. You also acknowledge that you have read our privacy terms and that you consent to our processing data in accordance with them. Read our privacy policy here.

    Related Content

    The Complete Guide to Running a Cybersecurity Tabletop Exercise

    What is a cybersecurity tabletop exercise? A tabletop exercise is an engaging and realistic simulation of a cyber crisis situation. It tests human and managerial […]

    Read more

    Ransomware – not just flying south for the winter.

    In 2022 major ransomware groups have been looking for new profitable markets, and their gaze has fallen…

    Read more

    Can cryptocurrency platforms claim paying attackers is a “White Hat Bounty”?

    Today I want to talk about bug bounties. You are probably sitting there thinking you have heard every…

    Read more

    Lisa Forte – Darknet Diaries

    One of our Partners, Lisa Forte, was asked to be a guest on what is perhaps the most popular and influential…

    Read more

    Lloyd’s of London exclude nation-backed cyber attacks from insurance

    Lloyds of London has announced that from 2023 all of its insurer groups will have to exclude “catastrophic”…

    Read more

    OFAC Sanctions Tornado Cash: what this means for ransomware payments

    In early August the U.S Treasury’s Office of Foreign Assets Control (OFAC) sanctioned another popular…

    Read more
    Menu