How would your company deal with a cyber attack?

A cyber Attack War Game reviews your business continuity and incident response plans, puts them to the test with a simulated cyber attack and reports back on improvements and compliance recommendations. Being prepared for a cyber attack can make sure you survive.

What is Cyber Attack War Gaming?

A scenario-driven table-top exercise which simulates a cyber attack to test your incident response plans. It prepares you for an attack and allows you to test how key staff make and communicate vital decisions at both the tactical and strategic levels.

Test your incident response and crisis management capability.

A realistic and engaging cyber attack is simulated in a table top environment to test the effectiveness of your current plans and procedures.

Help your response team and other key staff be better prepared for a cyber attack.

Receive a full report on the exercise along with a cold debrief and recommendations for improving the plan.

KEY ELEMENTS

TEST

Test that your team understand your incident response plan including how to activate and manage it.

CHECK

Check that you are applying the core principles of incident management & business continuity best practice.

ASSESS

Assess the effectiveness of your team work & ability to communicate under pressure.

IDENTIFY

Identify skills and knowledge gaps within your incident response team.

EVIDENCE

Evidence your commitment to security and risk management as required under the GDPR.

The Process

Scoping: We assess your current plans & understand your assets and vulnerabilities. We review current compliance with data protection and business continuity best practice.

Exercise: We plan & carry out the Cyber Attack War Game with your incident response team and crucial staff. We deliver a hot debrief after the exercise.

Reporting: We'll report back in a face to face cold debrief with findings from the exercise and suggestions for improving your plans.

Review: A full review of amended incident response / business continuity plans is conducted. Retesting can be done when required.

What is included?

FULL INCIDENT RESPONSE REVIEW

We help you conduct a full review of your incident response & business continuity plans and policies to ensure they are effective and reflect best practice.

FULLY MANAGED CYBER ATTACK EXERCISE

We plan and deliver a high quality, realistic cyber attack wargame. We can have observers & loggists to record evidence for debriefing later.

POST-EXERCISE HOT AND COLD DEBRIEFS

We deliver a hot debrief immediately after the exercise and a cold debrief once the full report has been compiled.

REPORT AND RECOMMENDATIONS

We deliver a full report on the outcomes of the exercise, lessons learned and recommendations for improving your plan. We present the report to you & deliver a cold debrief.

What are we testing?

  • Team work and communication

  • Co-ordination with the Police and the ICO

  • Social media response

  • Handling the press

  • Effectiveness of plans, policies and procedures

  • Communication with staff, suppliers and customers

NCSC: You should run exercises to test your ability to respond to incidents that could effect the delivery of essential services

Why plan and exercise?

DAMAGE MITIGATION: By rehearsing the plan like you would a fire drill, your company can make swift effective decisions in the event of an actual attack.

GDPR: The GDPR requires organisations to evidence an incident response plan and to show they are taking security seriously.

AWARENESS: Testing plans gives staff practice at their incident response role, increasing their confidence and awareness of security incidents. Practice makes perfect.

BUILD CUSTOMER CONFIDENCE: Security and incident management are becoming very important in due diligence procedures. This can help you stand out to prospective customers and reassure existing ones.

PCI: Having an incident response plan is essential for PCI compliance.

ICO ADVICE: The ICO explicitly states that organisations should have a well thought out and tested incident response plan.

How is the exercise created?

We manage the entire project from start to finish. Some of our clients like input into the design of the scenario and this can be a great way to add some extra realism. However It is important that the team who will participate in the exercise don’t know anything about the scenario beforehand.

How long does it take?

This depends on the maturity of your current plans. Some clients are developing a plan for the first time whereas others have a more tried & tested plan. The table top exercise section is 4 hours long including the hot debrief. We work around you so as to cause minimal business disruption.

Who needs to be involved?

The main teams that should be involved in a Cyber Attack War Game are the incident response team and other crucial staff such as HR, I.T, Communications, and any operational managers that may be involved in an incident.

Bristol Port Company