The speed and complexity of cyber attacks often overwhelm the affected companies. Monetary losses due to production losses and regulatory fines as well as a negative reputation are the result - often combined with the loss of authority, even though appropriate software has been purchased, processes for detecting security incidents have been introduced and audits have been carried out.
How can this situation be avoided?
Managing cyber crises requires the following from management:
- Intuitive understanding of one's own role as well as the functioning of a crisis team.
- Conceptualising detailed situations using examples.
- Decision-making in precarious situations and reviewing them.
- Considering and incorporating the opinions of business and IT experts.
- Dealing with third parties in the event of a crisis.
- Dealing with psychological stress, both personal and that of others.
- Communicating with security headquarters.
- Audit-proof documentation of a crisis.
The training includes a very clear demonstration of a typical attack on companies in the financial sector. Afterwards, a "meet-the-hacker" Q&A allows for an in-depth conversation on all security topics.
The training is conducted as a table-top exercise and includes a walk-thru through a typical cyber attack on a financial services company.