Cyber Crisis Exercise

An immersive and evolving cyber attack exercise to test your plans and strategic and tactical responses.

The costs of a cyber incident manifesting can be enormous. In 2021 the average cost of a data breach was estimated to be $4.24m. Companies with confident incident response teams and who test their plans and playbooks with a table top exercise have been estimated to save on average over $1.2m if a breach occurs.

What is a Cyber Crisis Exercise?

An immersive and evolving table top exercise to test your strategic and tactical response to an incident. It helps prepare you for an attack and allows you to test how key staff make and communicate vital decisions in a developing situation.

All of our cyber crisis exercises are developed in a collaborative way to ensure they are unique to each client and tailored to your environment, risk profile and business priorities.
Our final report will detail recommendations for improvement and provide evidence that the exercise was completed to satisfy regulators.
We have run exercises in a number of industries including financial services, critical national infrastructure and healthcare.
Approaching the table top exercise from the perspective of building a high performing team and a robust and flexible plan has enabled us to have a lot of demonstrable success.

The Process

Scoping

We assess your current plans and understand your assets and vulnerabilities.

Exercise

We plan & carry out the Cyber Crisis Exercise with your incident response team and crucial staff. We deliver a hot debrief after the exercise.

Reporting

You will receive a full written report with findings from the exercise and suggestions for improving your plans.

Review

A full review of amended incident response / business continuity plans can be conducted. Retesting can be done when required.

Key Elements

TEST

Test that your team understands your incident response plan including how to activate and manage it.

CHECK

Check that you are applying the core principles of incident management & business continuity best practice.

ASSESS

Assess the effectiveness of your team in a crisis situation as well as their ability to communicate under pressure.

What our clients are saying

“Extremely Helpful”

“Red Goat Cyber Security were extremely helpful and professional. Their knowledge of cyber security and table top exercising was excellent and provided a real stimulus in preparing for a potential cyber-attack. We would highly recommend them to other maritime and logistic companies”

“Highly Recommend”

“I was delighted with how Red Goat Cyber Security delivered the cyber security table top exercise. We had a wide ranging participation group and they were able to guide and advise as well as ensuring engagement throughout the exercise. It provoked a lot of thought and group discussion. We have learnt valuable lessons to further improve our plans, processes and check lists and would highly recommend them to other organisations”

“Valuable lessons”

We were very impressed with how Red Goat engaged with our InfoSec department, drafting up a realistic scenario that included a few twist and turns to keep the response team on their toes.

Everyone engaged well with the exercise and whilst great fun, some very valuable lessons were learned.

What is included?

FULLY MANAGED EXERCISE

We work with you to plan and deliver a high quality, bespoke cyber attack exercise including a full run-through prior to the exercise.

POST-EXERCISE HOT DEBRIEF

We deliver a hot debrief immediately after the table top exercise and collect feedback from participants for inclusion in the report.

REPORT AND COLD DEBRIEF

We deliver a full report and executive summary on the outcomes of the exercise. This includes lessons learned and recommendations for improving your plan.

Get in touch to discuss how we can help you achieve your security awareness or resilience goals.

By submitting your message and your phone number and/or email address, you are permitting us to contact you by these means in response to your enquiry or feedback. You also acknowledge that you have read our privacy terms and that you consent to our processing data in accordance with them.
Read our privacy policy here.

Related Content

View all Articles

Key risk indicators in cyber security

Understanding key risk indicators (KRIs) in cybersecurity In the constantly evolving landscape of cybersecurity, key risk indicators (KRIs) play a crucial role in measuring and […]

How to write an effective ransomware playbook

Ransomware playbooks contain detailed instructions on what to do in the event of a ransomware attack. Read our guide to getting started with developing a ransomware playbook for your organisation.

How to get exec approval for a cyber exercise

Testing your response to a cyber-attack will save you resources in the event of a real incident, but for many organisations taking the first step in exercising can seem like a big commitment in time and energy. Here are some top tips on getting exec approval for a cyber exercise.

Get started with crisis communication planning

Cyber-attacks are no longer outlier events. In fact, the old saying of “it’s not if – but when” has sadly proven true for many organisations. For this reason many organisations are now heavily focused on planning and preparing for a cyber-attack and increasing their levels of resilience, response and redundancy to enable them to survive.

7 Examples of Cyber Tabletop Exercises

Would you know how to respond if your organisation was hit by a cyber attack? Running a cyber tabletop exercise allows you to prepare and test responses in a safe environment. But what type of cyber incident should you use in your exercise? Here are seven examples of cyber tabletop exercises that you could consider running for your crisis team.

A big change for future cyber-attack victims in France?

A big change is coming in France. From April 24th this year cyber attack victims will now have 72 hours…