Cyber Crisis Exercising


Cyber Crisis Exercising

Preparing the organizations to manage cyber crises with inherently strong operational and reputational impact

Currently, cyber attacks are increasingly targeting critical infrastructures and major players from all sectors, widening the operational, legal and reputational risk caused by inadequate resilience within the more aggressive and complex cyber space. This is one important reason to exercise potential failures of technical and organizational security measures trough a crisis simulation exercise.

Customers, suppliers, employees, and other stakeholders understand that crises will occasionally affect the organization. What they find hard to understand are the lack of preparation, the inadequate responses, and the confusing communications coming from the management.

Cyber Crisis Exercising services

Download pdf

What organizations can do

Organizations should increase their ability to absorb both the operational and mediatic impact triggered by critical cyber incidents trough crisis simulations with top management and crisis handling teams.

Trough table-top exercises, most of the activities with strong relevance during real crises may be reviewed and trained:

  • Key Strategic Decisions taken by the management during specific crisis scenarios;
  • The internal and external communication strategy;
  • The legal response, notification timeline and ownership;
  • The roles and actions pre-defined in Crisis Management and Business Continuity plans.

The most relevant and fruitful crises simulation exercises are those attended by the entire management team, including the key people in charge with internal and external communication, legal & compliance, fraud, finance, IT, operations, production, procurement, cybersecurity, privacy and business continuity.

How Deloitte can support

Deloitte experts review the crisis management framework and prepare personalized table-top exercises for management teams, covering the most important types of cyber risk scenarios.

For an in-depth exploration
of our cybersecurity expertise
Discover more


Andrei Ionescu

Andrei Ionescu

Market Leader Consulting

Partner leading the Consulting and Risk Advisory service lines in the Romania & Moldova practice. Andrei has more than 20 years of experience in risk management, cyber risk, internal audit, fraud mana... More

Sergiu Zaharia

Sergiu Zaharia


Sergiu is Cyber Strategy Advisory Director with more than 20 years of experience in Defense, Telco, Financial, Retail, Manufacturing and other sectors as security advisor, trainer and CISO/BCM Manager... More