This scenario is recommended for organisations who want to extend the understanding of various ransomware scenario cases from the perspective of leadership, strategic communications, and information sharing processes with key stakeholders, including regulators. Players in this game will be challenged to make complex decisions around disclosure, transparency, with ambiguity fuelling debates about what the ransom payment really is, especially when control is lost over sensitive data. Delegates will be made to work with the hackers carefully balancing to not putting themselves, and their business, on the wrong side of the law.

​

The scenario was optimised for the case of 3 teams working together, with a lessons-learned session at the end, where each team presents the strategies they’ve used, to see how each of them fared. For an individual learning experience, players can experiment with the different branches one-at-a-time.