An interactive technique that immerses potential cyber incident responders in a simulated cyber scenario.
Cyber incidents will occur that require agility and sound judgement in the face of the unknown. These events call for concerted engagement by many organisational functions, including risk management, legal, public affairs, talent management and technology. Interaction may be required with a wide range of external third parties, including industry peers, regulators, law enforcement and vendors providing support functions. Just like a firedrill exercise practice makes perfect. Our experience is that testing the incident response plan with real scenarios through a gameplay gives the best insights into the organisation’s actual resilience.
To reduce damage and impact, organisations need to have the ability to:
- Efficiently assess and determine the scope of the event;
- Act decisively to contain the impact and preserve forensic information;
- Determine when to engage or report to law enforcement and/or regulatory bodies;
- Manage communications to control public and investor perception; and
- Activate business continuity and recovery mechanisms.