Cyber incident simulation

What happens when something happens that shouldn’t? An actual IT crisis, a complete systems failure, or a ransomware removal demand?

Often there is ambiguity for such situations,

  • Whether everyone knows exactly what to do in the event of an IT emergency and where to find the relevant documents if an attack is more unusual and does not fit into the “routine”.
  • how resilient the IT emergency team is
  • what still needs to be done to make emergency response and crisis communications even better.
The goal
Optimal preparation for a potential emergency.

Together with your IT department, we analyze the most likely IT crises with a high probability of occurrence and amount of damage and create a business game for joint implementation.

Specifically, you will receive:

  • Knowing clearly where each contact’s strengths and weaknesses lie in an attack
  • Clarity, which attacks can already be mastered well and which not
  • Integrated, optimal emergency processes
  • Clear communication and a delineation of responsibilities

The procedure

In the first step, we sit down with the individual stakeholders (emergency team, executives, managers) in the form of 2 to 3 homogeneous group discussions so that the insights gained can be included in the simulation and contribute to sharpening the individual incident case studies. In addition to the technical IT exchange on previous incidents and the resulting learnings, the group discussions also take into account company specifics as well as the corporate culture and the situation/trends in the industry. The insights and wishes of the participants should contribute to the simulation being in high conformity with practice.
The simulation itself is accompanied by two K-ITS teams. Team B observes the simulation events, gathers information on crisis management and crisis communication, depending on the situation, uses the information to manage the events depending on the success/failure of crisis management. Team A guides the participants through the simulation event. Multi-layered incident simulations with avoidance options, dynamic adjustment depending on the response ensures a challenging crisis experience where the simulation cannot be designed to be “too easy” or “too complex”.

The project observations are then evaluated, and the project findings with concrete recommendations for action and listing of positive/negative aspects are mirrored to both the steering committee and the group of participants.

Your contact

You can always reach us personally. Because loyalty based on partnership is far more important to us than short-term success.

Philipp Kalweit

Philipp Kalweit

Managing Partner

 

+49 40 285 301 257

hello@kalwe.it

Philipp Kalweit is an experienced IT security consultant on the topics of security awareness and offensive IT auditing. For the past six years, he has been advising and auditing clients from the SME and group environment, in particular ECB and BaFin-regulated organizations as well as groups in the retail sector. His consulting focus is on holistic IT security. He was honored for his work in 2019 by DIE ZEIT as “Hamburger of the Month” and in the same year was included in the Forbes “30 under 30 DACH” list.