Cyber Incident Response Exercises
We can provide cyber incident response exercises, tailored to your organisation and suitable for executives, IT specialists or your incident response team.
We will develop and facilitate a security incident response tabletop exercise according to your objectives.
The exercise can be delivered for an executive, operational or IT audience and will be tailored to your organisation to make it realistic for attendees.
The exercise can be stand-alone or delivered together with awareness training for participants.
We’ll gather information from you about your organisation such as what types of sensitive information you hold, details on your systems, user activity, business operations, your critical assets, response plans, stakeholders, customers, shareholders, likely threats and legal obligations – so that with your input, your scenario and escalations are tailored to meet your specific requirements.
We’ll also include social media and newspaper coverage mock-ups and prepare bespoke television news reports as shown in the following video.
Your consultant will be highly qualified and experienced in cyber incident response management, information security and related fields.
We can train your cyber incident response team in cyber security awareness and the types of social engineering they may come across, such as phishing emails. We offer real-world advice and will support you fully throughout so you get the most out of your bespoke exercises.
Our tabletop cyber incident exercises are designed to demonstrate and exercise your incident response plans, breach notification processes, escalation procedures and communications plans. We discuss the cyber Incident Response Team roles and responsibilities and include your input into the scenarios to enable us to customise them for you by reference to matters such as:
Our cyber incident response exercises use the scenarios agreed with you during the planning stage. We can deliver the exercise onsite at your location, or remotely if preferred.
We can deliver a single exercise, based on one longer scenario or break up the day into multiple shorter exercises based on different scenarios.
Onsite exercises can be combined with interactive workshops for attendees. These can cover related topics such as the types of cyber threats faced by your organisation.
When delivering the exercise, we’ll start with introductions, then move into the scenario and finish with a wrap-up discussion. See below for more on each stage.
Your cyber incident response tabletop exercise introduction will set the scene based on the agreed cyber incident scenarios and will provide your organisation with an opportunity to review matters including your cyber incident detection and response capabilities and processes for sharing information and your relationships with key stakeholders (internal and external).
Using scenario ‘injects’, we test your processes for responses to specific issues that may arise during an incident and pose questions about incident governance.
During a wrap-up discussion, our facilitators will guide participants to identify your overall ability to identify, protect and respond to cyber incidents and to consider areas for improvement.
During the table top exercises, our facilitators will take notes and identify strengths and areas for improvement in your incident response capabilities. After the onsite day, we will write these up in to a short report consisting of our findings and recommendations.
Contact us now for a friendly, no-obligation discussion or to request more information about our incident response services and exercises.Lets Talk
"*" indicates required fields
Cyber incident response can be defined as the actions taken by an organisation in the aftermath of a data breach or a cyber incident. Incident response combines a set of security policies and procedures, tools and approaches that an organisation can use to identify, contain and mitigate a cyber attack.
The aim of cyber incident response is to protect an organisation’s assets and prevent a cyber attack before it occurs. Cyber Incident Response should include a cyber incident response plan (IRP) as part of a managed service.
Your first line of defence is your team. By ensuring your incident response team and wider workforce have a good understanding of cyber security risks, you have taken the first step to creating a more robust security posture and being able to respond to a cyber incident effectively.
By participating in a cyber incident response exercise, you will improve:
Incident Response scenarios are an effective way for organisations to test their resilience and IRPs as well as educate their workforce on what to do in the event of a cyber incident.
Cyber incident response exercises are set on real-world scenarios which are observed by the team – the cyber incident response service provider will then ask the team questions on the scenario based on how they would respond to the scenario.
Questions asked may include things like:
Some example cyber incident scenarios might involve: