Enterprise Recovery

Cyber Wargaming

Cyber Wargaming helps organisations evaluate and improve their cyber incident response preparedness. Nothing can test an organisation’s readiness better than cyber wargaming exercises that simulate a real attack.

Challenges

An interactive technique that immerses potential cyber incident responders in a simulated cyber scenario.

Cyber incidents will occur that require agility and sound judgement in the face of the unknown. These events call for concerted engagement by many organisational functions, including risk management, legal, public affairs, talent management and technology. Interaction may be required with a wide range of external third parties, including industry peers, regulators, law enforcement and vendors providing support functions. Just like a firedrill exercise practice makes perfect. Our experience is that testing the incident response plan with real scenarios through a gameplay gives the best insights into the organisation’s actual resilience.

To reduce damage and impact, organisations need to have the ability to:

  • Efficiently assess and determine the scope of the event;

  • Act decisively to contain the impact and preserve forensic information;

  • Determine when to engage or report to law enforcement and/or regulatory bodies;

  • Manage communications to control public and investor perception; and

  • Activate business continuity and recovery mechanisms.

Our approach

Tailored scenarios are played out using one of our delivery models, aligned to the maturity of your participants. These exercises are designed to encourage participants to think and act through the decision-making process in a safe environment.

We have a well-refined five-stage simulation methodology that we use to design and deliver our simulations. This methodology has been refined and proven through the delivery of cyber simulations at numerous global banks and organisations across a broad range of industry sectors.

Our approach incorporates a tried and tested approach to designing, delivering and facilitating an exercise with an industry-leading understanding of the technical, operational and strategic responses required for a business to successfully respond to a major cyber crisis.

We have extensive experience of helping clients respond to live incidents, supporting them in resolving the technical, regulatory and reputational impacts of an incident.

Our global scale and cross-sector client base means that we have encountered the majority of cyber incidents. We are able to draw on our wealth of first-hand experience in order to make our exercises truly accurate.

  1. Initiation

    Establishing the scope, objectives and parameters of the exercise.

  2. Design

    Designing and approving the structure and flow of the exercise to meet the exercise objectives.

  3. Production

    Creating the products required to facilitate the exercise, including injects, participants’ pre-briefing packs, master event lists and data capture forms.

  4. Delivery

    Delivery and facilitation of the exercise event, including set-up, execution, and immediate feedback and data gathering.

  5. Evaluation

    Production of a post-exercise report collating findings, recommendations and feedback from participants.

  1. Initiation
  2. Design
  3. Production
  4. Delivery
  5. Evaluation

Establishing the scope, objectives and parameters of the exercise.

Designing and approving the structure and flow of the exercise to meet the exercise objectives.

Creating the products required to facilitate the exercise, including injects, participants’ pre-briefing packs, master event lists and data capture forms.

Delivery and facilitation of the exercise event, including set-up, execution, and immediate feedback and data gathering.

Production of a post-exercise report collating findings, recommendations and feedback from participants.

Why Deloitte?

Awarded market leaders

We strive to continuously lead the market in the area of cyber risk and security services. We are awarded and acknowledged by some of the most renowned institutions within the area of cyber, e.g. Gartner, ALM Intelligence and Forrester. In 2020, we were named global leader in Security Consulting Services for the 9th year in a row by Gartner.

Leading-edge technologies

We are committed to investing in innovation and emerging technologies to ensure that we are equipped with the latest tools to solve current and future challenges for our clients. Alliances with market-leading cyber vendors and groundbreaking startups around the world offer our clients access to a wide range of cyber-risk technologies and leading-edge technology innovation.

Global intelligence delivered locally

We have the largest professional services network in the world. Diversity across our cyber teams helps us work across the globe with a local and personal lens. We have over 8,600 dedicated cyber-risk service practitioners of which 1,300 are dedicated to Europe and the Middle East alone, ready to help our clients everywhere with any challenge.

End-to-end cyber-risk services

We cover every aspect of cyber risk — from advisory and implementation of strategic transformations to managed security services, product solutions and incident management. This enables us to deliver more resilient and silo-breaking solutions, taking the whole business chain into account. This helps our clients to leverage their potential and growth even more.

Reach out

If you want insights into your organisation’s actual resilience, please contact a member of our expert team today to discuss the best next steps.

Kim Schlyter

Partner

Morten von Seelen

Senior Manager