Speakers
Synopsis
In this session, we will explore two key cyber incident response exercises that have significantly enhanced our organisation's readiness to handle security incidents.Live Fire Incident Response Exercise: During this live fire exercise, we collaborated with technical and operational teams across the business. The environment was preseeded with real technical artifacts to simulate a genuine cyberattack, allowing our teams to conduct in-depth threat hunting. The exercise involved full technical recovery procedures and included participation from approximately 40 personnel across various IT departments. Additionally, real-time communication was tested between diverse teams, including operational technology (OT), legal, and others, ensuring a holistic response to the incident.Crisis Management Team Desktop Exercise: This desktop exercise focused on working with our executive leadership team to assess their response to a high-impact insider threat scenario during a storm event. The exercise tested our leadership's ability to manage a complex security incident in real-time, emphasizing decision-making and strategic communication across the organization.By reflecting on these exercises, we will share valuable insights and our lessons learned to strengthen our cyber resilience, technical response capabilities, and leadership decision-making in the face of cyber threats.
