contact us

Cyber Crisis Management Exercise

Anticipate cyberattacks with crisis management exercises tailored to your organization. Inspired by ANSSI recommendations, our realistic scenarios reinforce your teams' preparedness without disrupting your business. Test your capabilities and adopt best practices in the face of cyber threats.

I have a project

Exercise presentation

As the number of IT threats increases, organizations need to be prepared for cyber crises. These result from attacks on information systems, causing major and sometimes irreversible disruption.

In response, ANSSI and the CCA have developed the guide to organizing a cyber crisis management exercisefor all organizations. It makes it easy to set up realistic exercises to train teams in best practices, both internally and externally.

Phishia offers exercises based on this work, adapted to your activity and the level of your teams, without impacting your operations. They strengthen preparedness, communication and coordination in the face of cyberattacks.

Exercise organization

EXERCISE DESIGN
Development of a framework defining objectives, format, theme, scope, available resources, date and stakeholders (experts, facilitators, observers, players). The aim of this stage is to produce a solid set of specifications.
EXERCISE PREPARATION
Development of a credible scenario, drafting of a timeline with an appropriate level of plausibility and intensity, and briefing of participants. The aim of this phase is to ensure that the teams involved are properly prepared.
EXERCISE SEQUENCE
Follow the chronogram established during the preparation phase, while remaining adaptable to the players' reactions. The aim is to ensure that the exercise runs smoothly, while taking into account any necessary adjustments.
ANALYSIS OF LESSONS LEARNED
Organization of hot and cold feedback (RETEX) to draw lessons from the exercise. This includes drafting a written report and planning a feedback session to identify areas for improvement.
IMPLEMENTATION OF IMPROVEMENT MEASURES

Once the lessons learned from the exercise have been analyzed, the implementation phase of improvement measures is crucial to strengthening the company's resilience and efficiency.

Skills observed

The team assembled for the exercise will be observed on the following points:

1.

Reactivity
  • Detection: Assessment of how quickly the team detects the incident or threat.
  • Alert: Evaluation of the speed with which the team issues an internal alert.

2.

Technical Skills
  • Analysis: Ability to quickly analyze the nature and scale of the threat.
  • Classification: Precise identification of the type of incident (malware, DDoS attack, data compromise, etc.).

3.

Internal communication

Evaluation of the clarity and speed of communications within the team.

4.

External communication

Assessment of communications management with external stakeholders (customers, partners, authorities, media).

5.

Collaboration within the cell
  • Coordination between cell members.
  • Leadership

6.

Business continuity
  • Business Continuity Plan (BCP): Quality assessment, including definition of roles and responsibilities.
  • BCP implementation: Effectiveness of measures to ensure minimum operation of critical activities.

The aim of the exercise is in no way to trap participants.Rather, it is a way of understanding and supporting a crisis of cyber origin.

It is advisable toinvolve high-level profiles, but also a cyber decision-maker or a person in charge of ISS and, more generally, to involve all the people who would be mobilized if the event played out during the exercise actually took place.

We recommend that you set aside a time slot for thehalf to full day for the year.

Make an appointment

A type of exercise for each domain

In the French context, cyber management exercises are an initiative supported by organizations such as theANSSI (Agence nationale de la sécurité des systèmes d'information) and theYEARS (Agence du Numérique en Santé). These exercises are designed to meet the specific needs of each field of activity.

Whether you're in the healthand communities or in the field of companiesThere's an exercise to suit your field. These exercises are designed to help identify vulnerabilities, strengthen defenses and improve resilience in the face of cyber threats.

When it comes to healthThe exercises can focus on protecting sensitive data and ensuring continuity of care in the event of a cyber-attack. For communitiesThe exercises can focus on critical infrastructure protection and incident response. In the field of companiesExercises can cover a range of scenarios, from protecting trade secrets to managing security incidents.

In short, whatever your field of activity, ANSSI and ANS have developed cyber management exercises to help you reinforce your security posture. These exercises are an invaluable tool for preparing for and responding effectively to cyber threats.

Health

YEARS

Dedicated cyber exercise

Company

ANSSI

Dedicated cyber exercise

Local authority

ANSSI

Dedicated cyber exercise

Pre & post exercise workshops

As part of this approach, we will be able to design tailor-made workshops to provide you with optimum support both before and after the exercise. We are committed to strengthening your skills and guiding you towards continuous improvement of your cybersecurity practices through a wide range of workshops.

Each workshop lasts about half a day.

Building a team

  • Identify key members of the crisis management team, including IT security experts, communications representatives, human resources managers, and other relevant stakeholders.
  • Make sure every team member understands his or her role and responsibilities during the crisis.
  • Set up an effective internal communication system to ensure fast, accurate coordination.

Assessing risk

  • Identify the nature and origin of the cyber attack.
  • Assess affected IT assets and compromised data.
  • Determine the potential impact on business operations, data confidentiality and the organization's reputation.

Determining the scope

  • Analyze the extent of the breach by identifying all affected parties, internal and external.
  • Assess the speed at which the threat is spreading and its ability to cause further damage.

Predicting the response

  • Implement immediate measures to mitigate the impact and halt the progress of the cyberattack.
  • Communicate with internal and external stakeholders to inform them of the situation and the ongoing response.
  • Prepare communication plans to inform external stakeholders, including customers, partners and regulatory authorities.

Consolidate the plan

  • Develop a detailed plan for crisis management, including the specific steps to be taken, the responsibilities of each team member and the resources required.
  • Identify long-term preventive measures to avoid similar attacks in the future.
  • Implement additional security measures to strengthen the protection of IT systems.

Review and update

  • Conduct a post-crisis analysis to assess the effectiveness of the response and identify areas for improvement.
  • Update the crisis management plan with lessons learned.
  • Organize regular training sessions to keep the crisis management team up to date with new threats and cybersecurity best practices.

Our cybersecurity blog

Discover the latest news and trends in cybersecurity.

10 simple tips for spotting e-mail attacks (phishing and ransomware)

The most common cyberattack scenarios for SMEs

Understanding EDR, SIEM, SOAR and XDR: the complementary nature of cyber defense

Discover all our articles

Paris - Nantes

contact@phishia.fr

+33 6 85 25 99 28

Monday – Friday: 8:00 AM – 8:00 PM.

Cybersecurity

Artificial Intelligence

CSR

Terms of use

Privacy policy

I have a project
en_US
fr_FR de_DE it_IT en_US

Cybersecurity

PhishiaSOC

Crisis management

Prevention

Outsourced CISO

AI

ISO 42001 & SMIA support

CSR

Carbon Footprint Assessment and Climate Strategies

Life Cycle Analysis and Eco-design

Support for CSRD compliance

Sustainable cybersecurity

Managed SOC

Who we are

Join us

All articles

Cybersecurity blog

Blog IA

Sustainability blog

Contact us