Cyber Crisis Exercise

An immersive and evolving cyber attack exercise to test your plans and strategic and tactical responses.

Book Now

The costs of a cyber incident manifesting can be enormous. In 2023 the average cost of a data breach was estimated to be $4.45m. Companies with confident incident response teams and who test their plans and playbooks with a table top exercise have been estimated to save on average over $1.2m if a breach occurs.

What is a Cyber Crisis Exercise?

An immersive and evolving table top exercise to test your strategic and tactical response to an incident. It helps prepare you for an attack and allows you to test how key staff make and communicate vital decisions in a developing situation.

  • All of our cyber crisis exercises are developed in a collaborative way to ensure they are unique to each client and tailored to your environment, risk profile and business priorities.
  • Our final report will detail recommendations for improvement and provide evidence that the exercise was completed to satisfy regulators.
  • We have run exercises in a number of industries including financial services, critical national infrastructure and healthcare.
  • Approaching the table top exercise from the perspective of building a high performing team and a robust and flexible plan has enabled us to have a lot of demonstrable success.

The Process


We assess your current plans and understand your assets and vulnerabilities.


We plan & carry out the Cyber Crisis Exercise with your incident response team and crucial staff. We deliver a hot debrief after the exercise.


You will receive a full written report with findings from the exercise and suggestions for improving your plans.


A full review of amended incident response / business continuity plans can be conducted. Retesting can be done when required.

Key Elements


Test that your team understands your incident response plan including how to activate and manage it.


Check that you are applying the core principles of incident management & business continuity best practice.


Assess the effectiveness of your team in a crisis situation as well as their ability to communicate under pressure.

What our clients are saying

“Realistic scenario”

We were very impressed with how Red Goat engaged with our InfoSec department, drafting up a realistic scenario that included a few twist and turns to keep the response team on their toes.

Everyone engaged well with the exercise and whilst great fun, some very valuable lessons were learned.

“Tremendous value”

“Red Goat was recommended by an industry contact and from the first conversation and throughout the engagement, we were very impressed. Our executives were fully engaged through the exercise and we gained tremendous value in exploring potential issues and challenges which has driven improvements to our security posture and resiliency”

“Extremely Helpful”

“Red Goat Cyber Security were extremely helpful and professional. Their knowledge of cyber security and table top exercising was excellent and provided a real stimulus in preparing for a potential cyber-attack. We would highly recommend them to other maritime and logistic companies”

“Highly Recommend”

“I was delighted with how Red Goat Cyber Security delivered the cyber security table top exercise. We had a wide ranging participation group and they were able to guide and advise as well as ensuring engagement throughout the exercise. It provoked a lot of thought and group discussion. We have learnt valuable lessons to further improve our plans, processes and check lists and would highly recommend them to other organisations”

What is included?


We work with you to plan and deliver a high quality, bespoke cyber attack exercise including a full run-through prior to the exercise.


We deliver a hot debrief immediately after the table top exercise and collect feedback from participants for inclusion in the report.


We deliver a full report and executive summary on the outcomes of the exercise. This includes lessons learned and recommendations for improving your plan.

Get in touch to discuss how we can help you achieve your security awareness or resilience goals.

By submitting your message and your phone number and/or email address, you are permitting us to contact you by these means in response to your enquiry or feedback. You also acknowledge that you have read our privacy terms and that you consent to our processing data in accordance with them.
Read our privacy policy here.

    Related Content

    DFSA’s Cyber Risk Management Guidelines: A Blueprint for Cyber Resilience?

    During 2023 the United Arab Emirates was busy. Very busy in fact. They implemented a significant number of legislative reforms in the areas of cyber […]

    Read more

    A 7 step crisis communication plan checklist

    The purpose of this crisis communication plan checklist is to allow you a quick and easy way to evaluate your existing cyber crisis communication plan […]

    Read more

    Key risk indicators in cyber security

    Understanding key risk indicators (KRIs) in cybersecurity In the constantly evolving landscape of cybersecurity, key risk indicators (KRIs) play a crucial role in measuring and […]

    Read more

    How to write an effective ransomware playbook

    Ransomware playbooks contain detailed instructions on what to do in the event of a ransomware attack. Read our guide to getting started with developing a ransomware playbook for your organisation.

    Read more

    How to get exec approval for a cyber exercise

    Testing your response to a cyber-attack will save you resources in the event of a real incident, but for many organisations taking the first step in exercising can seem like a big commitment in time and energy. Here are some top tips on getting exec approval for a cyber exercise.

    Read more

    Get started with crisis communication planning

    Cyber-attacks are no longer outlier events. In fact, the old saying of “it’s not if – but when” has sadly proven true for many organisations. For this reason many organisations are now heavily focused on planning and preparing for a cyber-attack and increasing their levels of resilience, response and redundancy to enable them to survive.

    Read more