Making Teams Crisis-Ready

This scenario focuses on an APT attack against a nation-state (United Queendom, capital city Londonia). Participants will assume the role of new Head of Security Operations of the National Cyber Security Centre and will be tasked with reacting, responding, and mitigation of a series of escalating cyber and cyber-physical threats. The attack culminates with malicious activity targeting the nation’s central police databases. Several cyber security incidents are covered in the scenario, such as a DDoS attack, VPN vulnerabilities, business email compromise fraud, malware and data theft.

Other challenges and decision points include issues about remote working, supply chain vulnerabilities, Critical National Infrastructure regulatory compliance including a Water Plant, human aspects of cyber security such as a suspected insider threat and social engineering. Participants will be responding to challenges including threat intelligence and threat modelling, law enforcement capabilities, and communications and stakeholder management in a major incident context.