PlanB Consulting offers a wide range of cyber attack response exercises for organisations to explore and practice their incident management plans. We will plan your exercise to be different from the standard business continuity or crisis management scenarios. The exercise will involve strategic response, be challenging and have media interest. The scenario will be credible and tie-in with current real incidents.
When British Airways, Marriott, Travelex, and Equifax were hacked, their poor responses and the fallout this caused has highlighted the need for companies both large and small to be prepared for managing the external response to a cyber-attack.
“You are going to be hacked: Have a plan,” said Josef Demarest, of the FBI. “You should also test and exercise that plan”.
We have delivered a large number of different exercises from a full SIMEX (Simulated Exercise / Command Post exercise) for a Private Bank, to Table Top Exercises for government organisations, emergency services and a number of fintech organisations.
Our exercises include the following elements:
Strategic decisions, such as:
- Whether to turn off systems if you suspect they have been compromised.
- When you need to involve law enforcement.
- When to engage with the media.
- And how to respond to any ransom demands.
- When and how to inform stakeholders
How to communicate with a wide variety of stakeholders including:
- Managing the response to the media.
- When to tell stakeholders and customers that there has been a possible breach
- Regulatory reporting in the jurisdictions the organisation operates in
- Reporting to the ICO
- Managing stakeholders across a number of time zones if applicable.
- What guidance should be sent to stakeholders if personal data has been lost.
- Managing speculation and rumour.
Managing the interface between those responding technically and those managing the incident and communications.
Exercise in a Box
An online tool which helps organisations find out how resilient they are to cyber attacks and practise their response in a safe environment.
PlanB can also facilitate “Exercise in a Box”, it is an online tool from the NCSC (National Cyber Security Centre) which helps organisations test and practise their response to a cyber attack.
PlanB can provide exercises, based around the main cyber threats, which your organisation can do in your own time, in a safe environment, as many times as you want.
It includes everything you need for setting up, planning, delivery, and post-exercise activity, all in one place.
Those taking part in PlanB Consulting exercises can practice their media and social response in real-time using our MITS Platform.“
“The amount of time spent planning, preparing, communicating, rehearsing and exercising will have a direct bearing on your ability to survive, overcome and eventually benefit from cyber-attack. If little time is spent preparing and planning, the consequences will be severe and potentially long-lasting.”
Senior Security Leader of Top Ten Global Brand hit by high profile breach