Incident Response Scenario Testing

Our Incident Response Scenario Testing (also known as ‘Wargaming’) is for organisations who have established an incident response and business continuity plan, that wish to test the effectiveness of that plan in a controlled manner.

Secarma have developed a Cybersecurity Incident Wargaming service, which is designed to explore the effectiveness of an incident response plan against realistic scenarios, through a tabletop exercise.

Wargames are usually scheduled for a three-hour session, allowing for the steps of incident response to be deeply explored, yet still allowing for breaks and open discussion in the group.

At the end of the session, the intention is that the response team will more clearly understand the strengths and weaknesses of their incident response planning.

We have found these sessions work best when each aspect of the response team is represented in the room, such as the board, the technical team, and the communications team.

We typically develop scenarios that are based on real-world incidents that have previously taken place. However, if your organisation wishes to test against a specific scenario, we can build a bespoke exercise.

Example scenarios include:

• Malicious Software Outbreak -  This scenario plays through the common stages of a major malware outbreak to test how well an organisation can identify, contain, eradicate, and recover from an attack such as mass ransomware.
• Denial of Service Attack -  This scenario walks through a complex denial of service attack that impacts a major, or public, system. It tests how well an organisation identifies and mitigates the attack, whilst managing the potential public relations impact of service outages
• Website Defacement - This scenario walks through how an organisation responds to a very public breach such as a website defacement. It tests how well they can identify the issue that led to the defacement, restore systems to working order, harden them from further attacks, and manage the public response.

Want to know more about how incident response scenario testing could benefit your organisation? Get in touch with one of our experts today for more information.