Cyber Drill – Executive & Management Table Top Simulation
What is Cyber Drill?
A table top Cyber Drill enables an organisation to get experience with managing realistic and industry-related cyber-incidents in a sterilised environment. Comsec’s approach to Cyber Security Drills enables organisations to increase their Information & Cyber Security resilience at all levels, improve decision-making in Information & Cyber Security scenarios, and improve organisational IT security strategy and response to security incidents.
Challenge faced by Client’s
Due to the high density of IT systems and their interconnectivity, most organisations are aware that a cyber-attack with business impact is likely to occur. Organisations therefore spend a lot of effort into improving and verifying the effectiveness of their security controls and readiness for an incident.
However, in many cases, organisations prepare themselves only at the technical level and do not consider the business impact, decision-making and reaction processes, and staff readiness for when an incident occurs. In reality, incident management experience leads to educated decision making, which is a crucial pre-requisite for proper incident handling.
Comsec’s Cyber Drill Solutions:
Comsec’s Cyber Drill service provides training to several levels of managers including C-Level executives, operational level management, and technical personnel.
The simulation is performed using a “table top” approach, which means that all the incidents are communicated using a (written/graphical) description of the events, rather than physical intervention with the organisation’s operations.
Comsec’s Cyber Drill is inspired by real incidents, including both industry-known ones and ones we have identified with our clients, and are tailored to the business context of the client.
During the simulation Comsec will provide the participants of the simulation with a chain of events that represent an incident. Comsec will observe the actions and reaction to the events, analyse the decision making process, and provide insights into which actions/decisions should be preserved and how other decisions/actions could be improved in the future.
The Cyber Drill key objectives are to:
Enable the participants to face Information & Cyber Security scenarios, in which creativity, collaboration, imagination, and exceptional actions are sparked in an objective to improve and establish readiness in dealing with the practiced threats.
Reflect a crisis situation, consisted of realistic Information & Cyber Security incidents
Raise the organisation readiness and involvement level in the event of an Information & Cyber Security attacks and to test the familiarity of the participants with, and effectiveness of, the relevant ‘Incident Response’ processes.
Understand the key areas participants need to address in order to defend against and respond to Information & Cyber Security incidents.
Empower the organisation to adjust and enhance decision making procedures and strategies in the context of challenging Information & Cyber security dilemmas and scenarios.
Identify key gaps in the current business and information & Cyber Security policies, standards, processes, and their implantation that may result in financial, data or reputational loss.
Comsec’s Cyber Drill – Table Top Simulation service is unique in its approach as it provides training to management based on real life incidents by taking into account an organisation’s business context and its cyber threat map.
Comsec delivers the simulation using an organisation’s standard communication tools to make the experience as close as possible to the organisation’s day to day processes.
Comsec’s Bottom Line
Comsec’s Cyber Drill – Executive & Management Table Top Simulation service provides organisations with an opportunity to get experienced with managing real-life Information & Cyber Security Incidents without the risk of damaging the organisation. The simulations are performed using the organisation’s communication and work-flow platforms that are expected to be used in the case of a real incident and is tailored for the busy schedule of executives, who possibly cannot participate on-site for the entire duration of the drill.
Comsec has been successfully performing such Cyber Drills with various organisations, from blue-chip to start-ups, and from a diverse range of industries.