Experience shows that untested emergency plans are only partially useful. The crisis must be rehearsed to verify if what is written actually works. Documentation is only the first step. That's why we offer you the opportunity to test your emergency plan in a crisis exercise.
We challenge IT teams and practice the worst-case scenario with relevant stakeholders.
Crisis team - please assemble. We have a full encryption situation. How do we proceed?
The main objective of the drill is to test and improve responsiveness, efficiency, and cooperation in the event of an IT security incident. By simulating a realistic crisis scenario, the existing emergency plans and processes are to be reviewed and communication under difficult conditions is to be practiced. At the end of the exercise, a lessons learned meeting will be held to gather insights and plan future measures to strengthen the IT security infrastructure and processes.
Of course, we begin with a detailed preliminary discussion where we coordinate the scenario and all relevant details with IT management. In this context, there is the possibility to adjust the scope or design specific exercise aspects according to your individual requirements. The topic areas can be focused on alerting, reporting, forensics, log-collecting, or defined differently. The scope is defined together.
The organizational crisis exercise for the crisis team aims to improve the response capability and cooperation of the crisis team in a scenario of a serious IT security incident. Participants should learn effective action in such situations and identify weaknesses within the organization. Here we outline a detailed crisis scenario. Participants are introduced to this scenario and must deal with questions from real incidents. Topics include emergency operations, communication, legal aspects, or emergency plans.
After the crisis exercises, we conduct detailed lessons learned meetings. Here, the results are thoroughly discussed, insights are gathered, and recommendations for future measures are derived for the company. Our goal is to improve IT security and the company's incident response capabilities, prepare for possible crisis situations, and uncover current vulnerabilities.