Cyber Crisis Exercise

An immersive and evolving cyber attack exercise to test your strategic and tactical response to an incident.

In 2019 the average cost of a data breach was $3.92m. Companies with an incident response team and who test their plans save on average over $1.2m if a breach occurs.

What is a Cyber Crisis Exercise?

An immersive and evolving table top exercise to test your strategic and tactical response to an incident. It helps prepare you for an attack and allows you to test how key staff make and communicate vital decisions in a developing situation.

  • Test your incident response and crisis management capability in an immersive, high pressure simulation.
  • A realistic multi-media cyber attack is simulated to test the effectiveness of your current plans and procedures as well as you ability to adapt to a volatile situation.
  • Help your Crisis Management Team and other key staff be better prepared for a cyber attack and practice their roles in a incident.
  • Receive a full report on the exercise along with a cold debrief and recommendations for improving the plan.

What is a Cyber Crisis Exercise?

An immersive and evolving table top exercise to test your strategic and tactical response to an incident. It helps prepare you for an attack and allows you to test how key staff make and communicate vital decisions in a developing situation.

  • Test your incident response and crisis management capability in an immersive, high pressure simulation.
  • A realistic multi-media cyber attack is simulated to test the effectiveness of your current plans and procedures as well as you ability to adapt to a volatile situation.
  • Help your Crisis Management Team and other key staff be better prepared for a cyber attack and practice their roles in a incident.
  • Receive a full report on the exercise along with a cold debrief and recommendations for improving the plan.

Scoping: We assess your current plans & understand your assets and vulnerabilities.
Exercise: We plan & carry out the Cyber Crisis Exercise with your incident response team and crucial staff. We deliver a hot debrief after the exercise.
Reporting: You will receive a full written report with findings from the exercise and suggestions for improving your plans.
Review: A full review of amended incident response / business continuity plans can be conducted. Retesting can be done when required.

Key Elements

TEST

Test that your team understands your incident response plan including how to activate and manage it.

N

CHECK

Check that you are applying the core principles of incident management & business continuity best practice.

ASSESS

Assess the effectiveness of your team in a crisis situation as well as their ability to communicate under pressure.

T

IDENTIFY

Identify skills and knowledge gaps within your Crisis Management Team.

EVIDENCE

Evidence your commitment to security and risk management as required under the GDPR.

What People are Saying

“Extremely Helpful”

“Red Goat Cyber Security were extremely helpful and professional. Their knowledge of cyber security and table top exercising was excellent and provided a real stimulus in preparing for a potential cyber-attack. We would highly recommend them to other maritime and logistic companies”

David Brown OBE, Chief Executive
Bristol Port Company

“Highly Recommend”

“I was delighted with how Red Goat Cyber Security delivered the cyber security table top exercise. We had a wide ranging participation group and they were able to guide and advise as well as ensuring engagement throughout the exercise. It provoked a lot of thought and group discussion. We have learnt valuable lessons to further improve our plans, processes and check lists and would highly recommend them to other organisations”

Andrew Cowling, Director of Informatics at Salisbury NHS Foundation Trust
Salisbury NHS Foundation Trust

WHAT ARE WE TESTING?

  • Team work and communication
  • Co-ordination with the Police and the ICO
  • Social media response
  • Handling the press
  • Effectiveness of plans, policies and procedures
  • Communication with staff, suppliers and customers

What is included?

l

FULLY MANAGED CYBER ATTACK EXERCISE

We plan and deliver a high quality, bespoke cyber attack exercise. 

w

POST-EXERCISE HOT AND COLD DEBRIEFS

We deliver a hot debrief immediately after the exercise and a cold debrief once the full report has been compiled.

i

REPORT AND RECOMMENDATIONS

We deliver a full report on the outcomes of the exercise, lessons learned and recommendations for improving your plan. We present the report to you & deliver a cold debrief.

How is the exercise created?

We manage the entire project from start to finish. Some of our clients like input into the design of the scenario and this can be a great way to add some extra realism. However it is important that the team who will participate in the exercise don’t know anything about the scenario beforehand.

How long does it take?

This depends on the maturity of your current plans. Some clients are developing a plan for the first time whereas others have a more tried & tested plan. The table top exercise section is 4 hours long including the hot debrief. We work around you so as to cause minimal business disruption.

Who needs to be involved?

The main teams that should be involved in a Cyber Attack War Game are the incident response team and other crucial staff such as HR, I.T, Communications, and any operational managers that may be involved in an incident.

Take control of your cyber security and contact us now...

+44 117 325 9190
DATA PROCESSING

By submitting your message and your phone number and/or email address, you are permitting us to contact you by these means in response to your enquiry or feedback. You also acknowledge that you have read our privacy terms and that you consent to our processing data in accordance with them.Read our privacy policy here

Related Content

Why run a cyber crisis exercise?

Why run a cyber crisis exercise?

Why run a cyber crisis exercise? Regulators around the world now have an expectation that organisations will test cyber resilience through exercising. Organisations such as NIST and the CPNI recommend regular exercises to prepare for a cyber attack and it has become...

Maersk Incident Response

Maersk Incident Response

Fire drills are commonplace. We test the alarms, the evacuation procedures and the fire marshals get to practice their roles. In a cyber attack there can be just as much chaos as with a fire, perhaps even more so. This is why incident response is such an important...