Cyber Crisis Exercise

An immersive and evolving cyber attack exercise to test your plans and strategic and tactical responses.

Book Now

“The costs of a cyber incident can be enormous”

In 2023 the average cost of a data breach was estimated to be $4.45m.
Companies with confident incident response teams and who test their plans and playbooks with a table top exercise have been estimated to save on average over $1.2m if a breach occurs.

“The costs of a cyber incident can be enormous”

In 2023 the average cost of a data breach was estimated to be $4.45m.
Companies with confident incident response teams and who test their plans and playbooks with a table top exercise have been estimated to save on average over $1.2m if a breach occurs.

What is a Cyber Crisis Exercise?

An immersive and evolving table top exercise to test your strategic and tactical response to an incident. It helps prepare you for an attack and allows you to test how key staff make and communicate vital decisions in a developing situation.

All of our cyber crisis exercises are developed in a collaborative way to ensure they are unique to each client and tailored to your environment, risk profile and business priorities.

The Process


We assess your current plans and understand your assets and vulnerabilities.



We plan & carry out the Cyber Crisis Exercise with your incident response team and crucial staff. We deliver a hot debrief after the exercise.



You will receive a full written report with findings from the exercise and suggestions for improving your plans.



A full review of amended incident response / business continuity plans can be conducted. Retesting can be done when required.


Benefits of a Tabletop Exercise

Improve skills of your response teams

Exercises improve teamwork, confidence and make your members more aware of their individual roles and responsibilities in a “realistic” crisis.

Test existing incident response plans

Improve and update your plans and playbooks by testing how they perform in a realistic bespoke scenario based around your departments and infrastructure.

Comply with regulatory and auditory demands

Demonstrate alignment with compliance requirements and show preparedness to regulatory bodies, with documented exercises and lessons learned.

Improve response times

Companies that run exercises can respond faster and more effectively because skillsets required in a crisis have been rehearsed in a supportive environment.

Build cyber risk awareness

Exercises allow you to raise awareness of cyber threats at all levels of your organisation and show your management’s commitment to cyber resilience.

Get executive buy-in

Increased awareness of cyber issues builds momentum for improving incident response plans and increasing investment in resilience capabilities.

What Our Clients Are Saying

“Realistic scenario”

We were very impressed with how Red Goat engaged with our InfoSec department, drafting up a realistic scenario that included a few twist and turns to keep the response team on their toes.

Everyone engaged well with the exercise and whilst great fun, some very valuable lessons were learned.

“Extremely Helpful”

“Red Goat Cyber Security were extremely helpful and professional. Their knowledge of cyber security and table top exercising was excellent and provided a real stimulus in preparing for a potential cyber-attack. We would highly recommend them to other maritime and logistic companies”

“Highly Recommend”

“I was delighted with how Red Goat Cyber Security delivered the cyber security table top exercise. We had a wide ranging participation group and they were able to guide and advise as well as ensuring engagement throughout the exercise. It provoked a lot of thought and group discussion. We have learnt valuable lessons to further improve our plans, processes and check lists and would highly recommend them to other organisations”

Key Elements Included in the Exercise

  • Information gathering and document review
  • Pre- exercise scenario run-through
  • Bespoke intelligence driven scenario
  • Experienced exercise facilitators
  • Post exercise feedback and information gathering
  • After Action Report with recommendations

Cyber Exercise Document Deliverables

Fully Managed Exercise

We work with you to plan and deliver a high quality, bespoke cyber-attack exercise. This includes a complete run-through prior to the exercise.

Post-Exercise Hot Debrief

After the exercise we run a short debrief. This reviews key findings, lessons learned, and collects participant feedback for inclusion in the final report.


You receive the After Action Report. There’s an executive summary, plus deeper analysis of results, plus recommended next steps.

After Action Report: Ready for Action

Mapping Your Next Steps

You gain a clear record of actions taken to mitigate cyber threats. Ready for sharing to relevant stakeholders, and helping you establish a baseline for cyber-attack readiness.


Giving Evidence Based Prioritisation

These recommendations form the foundation for an action plans to improve your cybersecurity posture. These are divided into primary and secondary tiers, for immediate and long-term resolutions.


Supporting Decision Making

You collect insights into your organisation’s risk readiness and response capabilities. This helps to inform your decision-making for future cybersecurity strategies and investments.

Why Businesses Choose Red Goat Cyber Security

We have extensive experience of running exercises within a wide range of often regulated industries.

These include financial services, law, cloud computing, SaaS, and NGOs. This broad experience, combined with our expertise and knowledge, ensures you get the most out of your cyber tabletop exercise.

We can provide support for development, train staff to take part in cyber exercises and produce an independent report with recommendations.

What is Included?

Fully Managed Exercise

We work with you to plan and deliver a high quality, bespoke cyber attack exercise including a full run-through prior to the exercise.

Post-Exercise Hot Debrief

We deliver a hot debrief immediately after the table top exercise and collect feedback from participants for inclusion in the report.

Report and Cold Debrief

We deliver a full report and executive summary on the outcomes of the exercise. This includes lessons learned and recommendations for improving your plan.

Case Studies


“We are a global foreign exchange business and were looking for an external firm to design and deliver a cyber crisis simulation to our executives.

After speaking to several providers who didn’t fill us with confidence, Red Goat was recommended by an industry contact and from the first conversation and throughout the engagement, we were very impressed. Lisa and team demonstrated deep insight on cyber incidents and impact, and we worked together to transfer understanding of our business in order to design a highly effective set of simulation injects. Our executives were fully engaged through the exercise and we gained tremendous value in exploring potential issues and challenges which has driven improvements to our security posture and resiliency.

It was a pleasure working with Red Goat and we would recommend them to others.”

James Baker, Senior Cyber Services Manager
Travelex (2023)

Prepare Your Team for Cyber Threats

What You’ll Find in the Flyer:

  • Overview of the Exercise: Detailed description of the exercise structure and objectives.
  • Benefits: Key benefits your team will gain running a cyber exercise.
  • Whats included:  The components of a cyber crisis exercise from Red Goat.
  • 5 Steps to resilience: An overview of the delivery process from start to finish.

Get in touch to discuss how we can help you achieve your security awareness or resilience goals.

By submitting your message and your phone number and/or email address, you are permitting us to contact you by these means in response to your enquiry or feedback. You also acknowledge that you have read our privacy terms and that you consent to our processing data in accordance with them.
Read our privacy policy here.

    Related Content

    Navigating a Third-Party Data Breach: Santander’s Effective Communication Strategy

    Last week the Spanish bank, Santander, reported that they had suffered a data breach via a third party….

    Read more

    DFSA’s Cyber Risk Management Guidelines: A Blueprint for Cyber Resilience?

    During 2023 the United Arab Emirates was busy. Very busy in fact. They implemented a significant number of legislative reforms in the areas of cyber […]

    Read more

    A 7 step crisis communication plan checklist

    The purpose of this crisis communication plan checklist is to allow you a quick and easy way to evaluate your existing cyber crisis communication plan […]

    Read more

    Key risk indicators in cyber security

    Understanding key risk indicators (KRIs) in cybersecurity In the constantly evolving landscape of cybersecurity, key risk indicators (KRIs) play a crucial role in measuring and […]

    Read more

    How to write an effective ransomware playbook

    Ransomware playbooks contain detailed instructions on what to do in the event of a ransomware attack. Read our guide to getting started with developing a ransomware playbook for your organisation.

    Read more

    How to get exec approval for a cyber exercise

    Testing your response to a cyber-attack will save you resources in the event of a real incident, but for many organisations taking the first step in exercising can seem like a big commitment in time and energy. Here are some top tips on getting exec approval for a cyber exercise.

    Read more