Identify vulnerabilities
Risk can be managed if the gaps are identified and you have a plan to address the risk. Putting a plan into action will identify the areas that need further development, such as missing links in the chain of command or gaps in the recovery process.
Evaluate strength of the plan
Knowing how well a plan works is important because it demonstrates Due Diligence, increases confidence and reduces delays in the event of a real incident, and creates an audit trail of incident preparedness.
Ensure all the right people are involved and know their role
During a simulated crisis, teams often learn something new about their own organisation and themselves—exercising a plan is an opportunity to break out of silos and work as a cross-functional team to solve a complex problem.
Highlights wider implications
The impacts of a cyber attack can be wide reaching. A ransomware attack can shut down a global company and even bring critical services to a halt. It is through exercising the full suite of plans—Business Continuity, Crisis Management and Incident Response—that these wider implications can be identified and they can be addressed appropriately.
Our exercises will take your team through a tabletop cyber-attack scenario, based on a real-world incident. Participants will work through an incident in a safe environment, allowing for discussion and debate in order to truly put the plan to the test. The purpose of this facilitated session is to exercise existing plans, policies and procedures, and identify areas for further development.
Exercising the technical response to an incident is vital—this works towards verifying that people are prepared, the right tools and technologies are available and that processes are followed in a pragmatic way. These exercises are also useful for demonstrating due diligence to auditors.
If plans do not already exist, our experienced consultants can work with your key personnel to develop plans, policies and procedures—appropriate to a cyber incident—that can then be exercised.
Our Information Assurance team have had extensive experience developing plans, policies and procedures and work alongside our Incident Response teams to ensure these are appropriate to your organisation and its requirements for dealing with a cyber incident.
Leadership must have a clear overview of the threats their organisation and the sector are up against. Our tailored briefings provide leadership teams with the knowledge they need to make decisions around preventative measures and remediation activities.
