Israeli Consienta Held Cyber Crisis Management Simulation for European Financial Executives
IsraelDefense
| 11/11/2018
Photo courtesy of Consienta
As part of the ISACA CSX2018 in London last week, an executive cyber crisis management tabletop was conducted by Consienta and Cyber360 experts to a group of 40 executives from all over Europe.
The tabletop was oriented towards the business aspects of this kind of events and simulated a cyberattack on a large bank. The participants were divided into groups, representing the C-level executives of the attacked company, along with several other stakeholders in such kind of crisis (PR, regulators, etc.). During the event, the participants were requested to discuss and make “real-time” business decisions required as part of managing the cyber crisis. The exercise evolved along with the decisions made and reflected the consequences of the participants’ decisions.
Along with the security and data leakage implications of the exercise, a particular emphasis was made on the regulatory aspects of the crisis by combining relevant financial regulation notices, GDPR and other possible jurisdictional disclosure requirements to the exercise members.
“The purpose of this kind of exercise is to expose the participants to the wide implications of a cyber breach and provide them with business considerations they are normally less exposed to beyond the technological aspects they are familiar with,” said Guy Dagan, Founder of Consienta.
One of the characteristics of cyber crisis is uncertainty that quickly leads to organizational chaos, which in turn leads to problematic or less-than-optimal decisions, financial losses, market trust reduction, lawsuits against the company, and even personal lawsuits against executives. In many cases, the technology aspect of the crisis is not the main issue and the business/legal/public relations aspect should be more important.
“Recently, many regulations and directives in the security, data protection, and privacy fields came to force, increasing dramatically the need to be prepared in case of a breach in business aspects that were not handled properly until now. Managing the crisis wisely, aligning technology, business, legal and PR is a must in maintaining trust and getting back to business after the crisis.
“Conducting a real-life simulation as a management team increases the readiness level of the enterprise and serves as a tool in complying with regulations. Recently we performed such simulations in many leading financial, industrial and tech companies. Once the management is trained – the readiness level to the crisis that will surely arrive increases dramatically,” says Dagan.
Photo courtesy of Consienta
As part of the ISACA CSX2018 in London last week, an executive cyber crisis management tabletop was conducted by Consienta and Cyber360 experts to a group of 40 executives from all over Europe.
The tabletop was oriented towards the business aspects of this kind of events and simulated a cyberattack on a large bank. The participants were divided into groups, representing the C-level executives of the attacked company, along with several other stakeholders in such kind of crisis (PR, regulators, etc.). During the event, the participants were requested to discuss and make “real-time” business decisions required as part of managing the cyber crisis. The exercise evolved along with the decisions made and reflected the consequences of the participants’ decisions.
Along with the security and data leakage implications of the exercise, a particular emphasis was made on the regulatory aspects of the crisis by combining relevant financial regulation notices, GDPR and other possible jurisdictional disclosure requirements to the exercise members.
“The purpose of this kind of exercise is to expose the participants to the wide implications of a cyber breach and provide them with business considerations they are normally less exposed to beyond the technological aspects they are familiar with,” said Guy Dagan, Founder of Consienta.
One of the characteristics of cyber crisis is uncertainty that quickly leads to organizational chaos, which in turn leads to problematic or less-than-optimal decisions, financial losses, market trust reduction, lawsuits against the company, and even personal lawsuits against executives. In many cases, the technology aspect of the crisis is not the main issue and the business/legal/public relations aspect should be more important.
“Recently, many regulations and directives in the security, data protection, and privacy fields came to force, increasing dramatically the need to be prepared in case of a breach in business aspects that were not handled properly until now. Managing the crisis wisely, aligning technology, business, legal and PR is a must in maintaining trust and getting back to business after the crisis.
“Conducting a real-life simulation as a management team increases the readiness level of the enterprise and serves as a tool in complying with regulations. Recently we performed such simulations in many leading financial, industrial and tech companies. Once the management is trained – the readiness level to the crisis that will surely arrive increases dramatically,” says Dagan.
