Making Teams Crisis-Ready
In your role as a Member of the Incident Response Team at MoneySafe Bank, you are tasked to assist the newly appointed Chief Information Security Officer (CISO) in dealing with a developing malicious ransomware cyber attack.
The attack has initially impacted the investment banking branch, but there is a possibility that it may spread to other parts of the business, including retail and corporate. As such, it is important for you and the CISO to work together to assess the potential risks and develop a plan of action to contain and mitigate the impact of the attack. This may involve implementing security measures such as firewalls, intrusion detection systems, and antivirus software, as well as conducting regular backups of critical data to prevent loss or corruption.
You may also need to liaise with external partners such as law enforcement agencies, journalists and cybersecurity experts to gather additional information and support. It will be crucial to maintain clear communication with all stakeholders, including senior management, employees, and customers, to avoid panic and confusion and ensure that everyone is aware of the situation and the steps being taken to address it.
As a member of the Incident Response Team, you play a critical role in protecting MoneySafe Bank from cyber threats and ensuring its continued success. By working closely with the CISO and other stakeholders, you can help to prevent and mitigate the impact of cyber attacks and safeguard the bank's assets and reputation.
Full Exercise: 4 hours (Facilitated)
Basic Challenges: 90 mins (Automated)
Crisis Management Teams and Comms Teams
Technical Maturity Level
IR process (NIST), Data Protection (GDPR),
Ransomware Playbooks, Crisis Communications,
Debriefing Senior Stakeholders and Media