What is a Cyber War Game
A war game simulates a prolonged and persistent Red Team attack in several multifaceted phases, over a two day period specifically to mobilize an organisation’s full Blue Team capability through as attack escalates, and challenges the various responses, methods, teams, and decision- makers to cope with complex scenarios.
The war game is designed to examine how your organisation responds to realistic simulated cyber crises; how it enacts & adapts business continuity plans, how appropriate your contingency plans are, and under which conditions they are more likely to fail.
The war game tests, technology, processes, and procedures, through the phases of identification, defence, response, and recovery to an attack in depth..
The war game process is set up to allow observation, monitoring, feedback, and mentoring, to enable organization to review and develop the personal and team skills required to coping with cyber crises and ‘advanced attackers’.
Why Do Organisations Need it Now
War games test resilience, and build capability.
It is increasingly apparent that static security measures provide inadequate defence against sophisticated attacks, and organisations need to build confidence in their ability to recover rapidly, and resume normal operations.
The ability to resist, react, and manage such attacks requires an effective combination of technology processes and managerial procedures. Common failings in response to cyber attack are found among different staff teams in their situational analysis, decision making, communication, and working practices during a crisis.
It is therefore important to elevate the organisation’s knowledge, capabilities, understanding, and awareness by simulating a process that enables learning under real-world conditions that war games provide.
What Does a War Game Entail
A war game is a 3-phase process, commencing with a series of desktop exercises and masterclasses over two days covering key topics to the war game to create a baseline of preparation and focus. Beyond developing the requisite knowledge, managing a cyber crisis requires very effective processes, configured appropriately, and adaptable to changing circumstance. The first phase therefore aims to create familiarity with the principles that will be exercised.
The second phase is the war game itself. A Red Team conducts a prolonged and phased attack, and over two days the organization is observed and mentored through the response. The war game is controlled by a white team that provides feeds and inputs, while a directorate monitors the progress and evolution, and observers compile assessments of events and provide mentoring at different stages of the process.
The third stage is the debrief workshop which includes a full analysis of the war game, review of different groups’ performance and self-assessment, reporting on the effectiveness of technology and methodologies, and feedback on:
Crisis Management Practices
Decision Making and Decision Taking
Employing Deception Tactics and Methods
Risk Assessment Methods
Communications: Internal & External
The workshop concludes by building consensus around a hierarchy of priorities for security, planning, and lessons learned.
For a full presentation of the cyber war game process, download our flyer and email email@example.com