Secify’s Cyber War Game
Companies are being pressured to move towards an increased digital presence. The shift opens up an increased risk of cyber-attacks and other information security-related incidents. What do you do if you discover that you have leaked personal data or received a ransomware? How does management handle communication with suppliers, subcontractors and customers as well as internally with employees? What happens if the rumor spreads and the press calls, what do you say and what do you leave out?
It is only through practice that we can become better at handling incidents. The way we practice is similar to a fire drill; an incident occurs that you are forced to act on. The entire exercise is predetermined and has a planned course along the way with a series of different events and moments that you will be forced to act on.
Our cyber war game:
- tests, among other things, action plans and routines.
- identifies if knowledge is lacking to handle incidents.
- increases management’s understanding of how important cyber security is to the organization
- gives an indication of how easy it is to lose control of an incident.
Often what happens after a real attack can be at least as, or even more costly than the attack itself. Sanctions can be about everything from employees feeling unsafe in their workplace and starting to look elsewhere, to the media getting wind of the attack and calling and asking questions. We have seen on several occasions that an ill-considered comment to the press can in many cases lead to a wave of bad PR and, in the worst case, to customers simply changing their image of the company. It is therefore important that you understand what the effect of a cyber attack can be and that you prepare so that it can be handled in the best possible way.