Crisis Management Services
Build and improve your crisis response infrastructure with expert support from Red GoatContact us
Organisations that prepare for a cyber attack recover faster and incur less costs than ones that fail to prepare
Looking to improve your ability to plan for a cyber incident and respond better if one occurs?
A cyber crisis is an abnormal event, usually a cyber-attack from an internal or external attacker, that occurs within a compressed period of time where the operational, financial and reputational interests of your organisation are under threat. The strategic response we give to such events is usually a defining moment for the organisation. Cyber events are usually fast moving and highly disruptive. Those that have planned, prepared and rehearsed scenarios and plans tend to emerge in a better position for their organisation and the stakeholders.
We provide a range of crisis management services to help your organisation improve your level of crisis preparedness and response such as development of plans and playbooks, audits, immersive crisis exercises and cyber crisis management training. Our experts have over a decade of experience in managing complex risk, planning and exercising.
Cyber Crisis Exercise
An immersive and evolving cyber attack exercise to test your plans and strategic and tactical responses.
An immersive and evolving table top exercise to test your strategic and tactical response to an incident. It helps prepare you for an attack and allows you to test how key staff make and communicate vital decisions in a developing situation.
Includes full development and delivery of a custom exercise focusing on your priorities, a post exercise debrief and a full report of outcomes and recommendations.
Full details on the cyber crisis exercise page.
Crisis Management Plan Development
Red Goat helps you develop clear and effective plans for use in a crisis.
Crisis management plans are important functional documents which need to be useable and well thought through. For any organisation to be ready for a crisis they need robust plans, policies and frameworks. Many organisations have either incomplete plans or lack plans altogether and lack either the time or the resources to create plans that can fulfil the function they need to. Any crisis management plan needs to be usable under pressure, understood by the crisis management team and periodically reviewed, usually after an exercise, to ensure it is fit for purpose.
We work in a collaborative way, speaking with your team and members of your crisis management team to create effective and usable crisis management plans, toolkits, playbooks and policies and making sure they align with other areas of organisational resilience.
We also develop and deliver a plan communication strategy to ensure that all members of the crisis management team have been trained on the new plans, policies and toolkits and it is used as an internal employee awareness campaign to further enhance your resilience.
Crisis Management Plans Review
A 360-degree review of your existing plans with practical suggestions for updates and improvement.
Crisis management plans need to be kept up to date and relevant. Many organisations have plans which are either outdated or incomplete when it comes to the challenges facing the organisation. We provide expertise and a fresh pair of eyes to help you improve your plans, either prior to an exercise or as part of an annual review. We work with you to understand your existing plans and provide clear ideas for improvement based on industry best practice and the realistic threats you may face. At the end of this process, you can either implement the updates yourselves or we can work together to implement the improvements and organise organisation wide communication of the plans giving you more robust and effective plans to work with in the event of an incident. We can even run executive briefings to train your crisis management team on the plans, playbooks and checklists.
Crisis Management Training/Workshops
A range of training, coaching and briefing sessions to increase the confidence and competence of your CMT.
Our training sessions focus on examining key areas of crisis management such as crisis communication, media training, leadership, teamwork and learning from conducting a deep dive analysis of crises experienced and handled effectively by other organisations and government agencies.
We have expert trainers all qualified to level 3 in education and training who can deliver enjoyable and informative training sessions on:
1. Crisis management best practice
Analysing the core components of crisis management best practice taking the guidance from ISO, NIST, the NCSC and CPNI and delivering it in a consumable way. We help your crisis management team understand the scope and limits of their roles, the legal and ethical responsibilities in a crisis and what the gold standard of response looks like. This training is bespoke to your industry and organisation so can also incorporate advice from industry specific regulators.
2. Crisis media communications
Being able to communicate effectively is a key skill to getting your message across during a crisis. Crisis media training gives you the skills you need to be a confident spokesperson who communicates your message under intense media pressure.
As well as practical exercises to improve your skills we analyse and learn from real-world media statements in order to help you avoid common pitfalls and find a delivery style that works for you.
Crisis media training can be conducted as part of a cyber exercise or as a separate event.
3. Crisis leadership and teamwork
We examine what the key areas of crisis leadership are and how effective leadership can have a large impact on how well the organisation deals with a crisis. Our trainers will explore the different crisis leadership styles and skills needed as well as how to communicate with stakeholders such as board members and shareholders during a crisis. We also look at what it takes to be an effective leader in a crisis handling panic and fear, cognitive biases and how to make accurate risk assessments in high pressure situations.
4. Loggist training
Loggists provide a vital role in a crisis situation by accurately recording what has happened. Ineffective logging can turn a crisis into a disaster if there is misunderstanding about actions taken or inaccuracies in time stamping decisions for instance. During any incident keeping a log will give you a clear record of what you decided, what actions you took and when and why you chose that course of action and when information came to your attention. This can prove valuable when you review the crisis management response after the event or even in the event that someone decides to take you to court or a regulator decides to take action after the incident.
The loggists will record this information, time stamp it and give the CMT access to it in real time in an easy-to-use format that is categorised and user friendly.
Loggists need to be able to be calm and work well under pressure. They need an eye for detail and should be excellent multitaskers. They are put in a position of trust as they are handling and recording potentially very sensitive information. For this reason, it is recommended that they are given good quality training and continued practice during each and every exercise you run.
Our training is delivered either in person or virtually and is tailored to your organisation to ensure your loggists are highly trained and confident in their role.
We look at:
- How to capture key pieces of information, actions and decisions;
- How to chase up information that may be incomplete or lacking in detail;
- How to time stamp records properly;
- How to create user friendly records;
- How to quickly categorise information and decisions;
- Electronic vs paper logging;
- How to secure and protect the logs post incident.
5. Bespoke crisis management plan and toolkit training
This training is conducted after a review or development of your crisis management plans, policies and toolkits.
The training sessions are particularly effective when combined with our cyber crisis exercise service. This enables your crisis management team to walk into the exercise with more confidence to take on the challenges set and helps develop your maturity and resilience faster.
Get in touch to discuss how we can help you achieve your security awareness or resilience goals.
How to write an effective ransomware playbook
Ransomware playbooks contain detailed instructions on what to do in the event of a ransomware attack. Read our guide to getting started with developing a ransomware playbook for your organisation.
How to get exec approval for a cyber exercise
Testing your response to a cyber-attack will save you resources in the event of a real incident, but for many organisations taking the first step in exercising can seem like a big commitment in time and energy. Here are some top tips on getting exec approval for a cyber exercise.
Get started with crisis communication planning
Cyber-attacks are no longer outlier events. In fact, the old saying of “it’s not if – but when” has sadly proven true for many organisations. For this reason many organisations are now heavily focused on planning and preparing for a cyber-attack and increasing their levels of resilience, response and redundancy to enable them to survive.
7 Examples of Cyber Tabletop Exercises
Would you know how to respond if your organisation was hit by a cyber attack? Running a cyber tabletop exercise allows you to prepare and test responses in a safe environment. But what type of cyber incident should you use in your exercise? Here are seven examples of cyber tabletop exercises that you could consider running for your crisis team.
A big change for future cyber-attack victims in France?
A big change is coming in France. From April 24th this year cyber attack victims will now have 72 hours…
Monero and the rise of privacy coins in ransom demands
Bitcoin has been synonymous with ransomware for as long as cybercriminals have been encrypting hard drives. Now ransoms are increasingly being demanded in alternative cryptocurrencies […]