“It was eye-opening for everyone”
Crisis Management Exercise
The Exercise
A well-known Australian retail organisation engaged CRG to carry out a Tabletop Exercise focused on a ransomware threat for their Cyber Security Operations Team, IT operations teams, and Major Incident Management Team, under the guidance of their CISO and CTO. CRG developed and led an exercise that mirrored the progression of a ransomware threat actor, starting from initial access to the deployment of ransomware. This required the organisation to navigate the situation from the helpdesk's first response to notifying the C-Suite and implementing store closures. Furthermore, CRG provided a briefing on the threat landscape and conducted an educational session for all participants involved in the exercise.
The Outcomes
Recognised flaws in the existing backup and recovery process that could lead to prolonged outages during real-world threats. A recently halted project was promptly restarted to address these gaps. Enhanced cooperation between IT and Cyber Operations through new processes aimed at minimising blind spots and inefficiencies, thereby reducing the impact and length of future incidents. Identified knowledge gaps and single points of failure; immediate training was conducted, and processes were established to ensure knowledge accessibility.
Testimonials
“The CTO has already communicated the recovery challenges with the CEO… now we can reprioritise some activities that were de-prioritised”
“It was eye-opening for everyone”