How would your company deal with a cyber attack?

A Cyber Attack War Game reviews your business continuity and incident response plans, puts them to the test with an immersive cyber attack simulation and reports back on improvements and compliance recommendations. Being prepared for a cyber attack can make sure your business survives.

What is Cyber Attack War Gaming?

An immersive and evolving cyber attack exercise to test your strategic and tactical response to an incident. It helps prepare you for an attack and allows you to test how key staff make and communicate vital decisions in a developing situation.

Test your incident response and crisis management capability in an immersive, high pressure simulation.

A realistic multi-media cyber attack is simulated to test the effectiveness of your current plans and procedures as well as you ability to adapt to a volatile situation.

Help your response team and other key staff be better prepared for a cyber attack and practice their roles in a incident.

Receive a full report on the exercise along with a cold debrief and recommendations for improving the plan.



Test that your team understand your incident response plan including how to activate and manage it.


Check that you are applying the core principles of incident management & business continuity best practice.


Assess the effectiveness of your team work & ability to communicate under pressure.


Identify skills and knowledge gaps within your incident response team.


Evidence your commitment to security and risk management as required under the GDPR.

The Process - HOW THIS WORKS

Scoping: We assess your current plans & understand your assets and vulnerabilities. We review current compliance with data protection and business continuity best practice.

Exercise: We plan & carry out the Cyber Attack War Game with your incident response team and crucial staff. We deliver a hot debrief after the exercise. We try and include staff to create a more realistic simulation.

Reporting: We'll report back in a face to face cold debrief with findings from the exercise and suggestions for improving your plans.

Review: A full review of amended incident response / business continuity plans can be conducted. Retesting can be done when required.

What is included?


We help you conduct a full review of your incident response & business continuity plans and policies to ensure they are effective and reflect best practice.


We plan and deliver a high quality, realistic cyber attack wargame. We can have observers & loggists to record evidence for debriefing later.


We deliver a hot debrief immediately after the exercise and a cold debrief once the full report has been compiled.


We deliver a full report on the outcomes of the exercise, lessons learned and recommendations for improving your plan. We present the report to you & deliver a cold debrief.

What are we testing?

  • Team work and communication

  • Co-ordination with the Police and the ICO

  • Social media response

  • Handling the press

  • Effectiveness of plans, policies and procedures

  • Communication with staff, suppliers and customers

"Red Goat Cyber Security were extremely helpful and professional. Their knowledge of cyber security and table top exercising was excellent and provided a real stimulus in preparing for a potential cyber-attack. We would highly recommend them to other maritime and logistic companies"

David Brown OBE, Chief Executive

Bristol Port Company

"I was delighted with how Red Goat Cyber Security delivered the cyber security table top exercise. We had a wide ranging participation group and they were able to guide and advise as well as ensuring engagement throughout the exercise. It provoked a lot of thought and group discussion. We have learnt valuable lessons to further improve our plans, processes and check lists and would highly recommend them to other organisations"

Andrew Cowling, Director of Informatics at Salisbury NHS Foundation Trust

Salisbury NHS Foundation Trust

Why plan and exercise?

DAMAGE MITIGATION: By rehearsing the plan your company can make swift effective decisions in the event of an actual attack.

GDPR: The GDPR requires organisations to evidence an incident response plan and to show they are taking security seriously.

AWARENESS: Testing plans gives staff practice at their incident response role, increasing their confidence and awareness of security incidents. Practice makes perfect.

BUILD CUSTOMER CONFIDENCE: Security and incident management are becoming very important in due diligence procedures. This can help you stand out to prospective customers and reassure existing ones.

PCI: Having an incident response plan is essential for PCI compliance.

ICO ADVICE: The ICO explicitly states that organisations should have a well thought out and tested incident response plan.

We manage the entire project from start to finish. Some of our clients like input into the design of the scenario and this can be a great way to add some extra realism. However it is important that the team who will participate in the exercise don’t know anything about the scenario beforehand.

This depends on the maturity of your current plans. Some clients are developing a plan for the first time whereas others have a more tried & tested plan. The table top exercise section is 4 hours long including the hot debrief. We work around you so as to cause minimal business disruption.

The main teams that should be involved in a Cyber Attack War Game are the incident response team and other crucial staff such as HR, I.T, Communications, and any operational managers that may be involved in an incident.

NCSC: You should run exercises to test your ability to respond to incidents that could effect the delivery of essential services