Case Study – Woolworths New Zealand
“Countdown regards the security and privacy of its customer data to be critical. We take our obligations seriously, and we wanted to test our cyber incident response procedures to identify any potential areas for further improvement. In order to help us to do this, we sought expert advice from a business offering reputable cyber-crime expertise.
Between February and May 2019, we worked with Incident Response Solutions to develop a simulation to test our cyber incident response maturity.
Incident Response Solutions demonstrated throughout the engagement that they had the expertise and experience to make the simulation not only realistic, but one that provided a number of valuable insights.
As a result of the simulation, we were able to identify a number of areas to build on our existing procedures.”
James Radcliffe, General Counsel
If your organisation was under cyber-attack, how would you respond?
A cyber incident simulation evaluates your organisation’s level of preparedness both from an executive and technical perspective.
The key outcome of a cyber incident simulation, or tabletop exercise as it is often referred, is that your organisation will have greater confidence to prepare, respond and recover in a crisis.
By conducting a simulation, you will:
- establish your current state of readiness
- gain a better understanding of the cyber risks you face
- practice your decision making in a safe environment
- identify areas for improvement.
We combine our experience in responding to actual cyber incidents, along with realistic and engaging tools, to help make your simulation real.
How does it work?
Working with your key sponsors, we expertly design a set of cyber incident scenarios that your organisation is most likely to face. We then create an immersive experience where participants join at varying stages throughout the simulation to apply their subject matter expertise.
A simulation typically consists of four successive scenarios. Our facilitator will introduce each scenario, and depending on progress, add further complicating factors that participants will need to address. Each scenario is timed to ensure the entire simulation is completed. A digital display provides updates and props to ensure it is as realistic as possible.
Simulations and scenarios are designed based on input from the sponsors and our expert knowledge of cyber-attacks, so no two simulations will be the same.
Start by asking yourself the following questions … and then get in contact with us.
- What is our current level of maturity within the Incident Response lifecycle?
- Do we have an up to date Incident Response Plan?
- Have we recently tested our Incident Response Plan?
- Have we conducted a post-incident review of any previous incidents, applied lessons learned and made improvements to our plan?