A Realistic Cyber Crisis Exercise
Part of the network crashes and soon traces of a cyberattack are found. Recovery can begin quickly, but has data been leaked? What actually happened? IT has their hands full and management is pressuring them to get the business running. Everyone is running around frantically, but is anyone leading the situation?
This is the nightmare of many CISOs and IT managers. But it’s also the nightmare of top management because a cyber crisis can, in the worst case, threaten the company’s existence. A cyber crisis starts with a technical problem, but can practically expand to affect everything beyond technical issues. Managing the crisis requires broad expertise and seamless collaboration between many different competencies. A simple incident, such as a computer infected with malware, can develop into a complex tangle involving stakeholder management, cooperation with authorities, internal and external communications, and business-critical decision-making for the company. We have developed a cyber exercise specifically designed for management, which enables organizations to practice a cyber crisis realistically. The cyber exercise is an opportunity to test the organization’s ability to function in a real cyber crisis – read more below!
Why Does Company Management Need Cyber Crisis Training?
It’s clear that managing a serious cyber crisis cannot be solely the responsibility of the IT department. A company needs good processes and practices for crisis management, and the situation must be led from a sufficiently high level. The CEO and management team are, in many companies, natural resources for leading crisis management.
A cyber crisis is a rare but serious event that can affect business continuity. This means that many companies have prepared for it at a theoretical level but have never tested whether their policies and processes work in practice. So, does your company trust that the plans will work in a real situation? Can the crisis team identify the right actions under pressure? Are the operating instructions certainly up to date and will they be remembered in a real situation? If this is not known with certainty, a cyber exercise is needed.
How Is the Training Implemented in Practice?
In an executive cyber crisis training, a fictional but realistic scenario is created in which the company becomes the victim of an attack. The crisis team meets and receives information about the situation through feeds. The task is to analyze the situation, obtain the additional information that is needed, draw the right conclusions, and initiate corrective actions. Not everything is what it seems, and separating relevant information from background noise is always a challenge, both in the exercise and in a real situation. Even a 3-4 hour session can cover a scenario that includes all dimensions of a serious crisis.
The cyber exercise begins with careful planning of the scenario. This is done in collaboration with the client to ensure the scenario is as realistic as possible. In the exercise itself, an exercise leader and an observer are present in addition to the management team. During the exercise, observations are made on how the group is led and how it works, how the received information is analyzed, and how well the needs of different stakeholders are understood. The findings are compiled into a report. Depending on the client’s needs, the same project can also include reviewing and developing crisis management guidelines and processes.
The feedback discussion immediately after the exercise is important. Many participants find the exercise eye-opening. It provides a better picture of what a cyber crisis can be in practice and gives good preparation for acting correctly in a real situation. At the same time, deficiencies and areas for improvement in the guidelines are usually identified that would have gone unnoticed without the exercise. An efficiently and correctly functioning crisis team ensures that the company does not neglect its reporting obligations and minimizes reputational damage from negative publicity, while allowing IT to focus on their part in peace.
Regulation Increases the Importance of Executive Cyber Crisis Training
Regulatory authorities have also recognized how important it is to prepare for exceptional situations and to ensure that the arrangements work in a real cyber crisis. Management of exceptional situations is therefore addressed in standards and, for example, in EU directives. A good example is the financial sector’s DORA regulation, which pays a lot of attention to ensuring continuity. This is yet another good reason to seriously assess the level at which the company’s ability to manage a cyber crisis actually stands.
Mikael Albrecht
2NS Senior Information Security Specialist
Want to Know How Your Organization’s Management Benefits from Executive Cyber Crisis Training?