Cyberattacks on businesses regularly make the headlines, and yet organizations often fail to manage their response. In our experience, a failure to handle the breach is often more damaging to a company’s reputation than the breach itself. A breach can have very negative effects on the company’s reputation, not only because it happened in the first place, but because the company wasn’t in control to manage it swiftly.
It’s no longer a question of whether your organization will be breached, it’s when. It may even have happened already. Therefore, organizations need to start asking themselves, “Is my organization prepared for the inevitable?”
Are you prepared for the inevitable?
How would you know what to do in the event of a fire if you never had a fire drill? A cyber tabletop exercise is just that – a fire drill for a cyberattack. You don’t want to suddenly discover that you’re unprepared for a cyberattack while it’s happening.
Having the right documentation is a good start, but if you have a response plan that hasn’t been tested, it’s as useful as having no plan at all. Having the right plans in place that have been properly vetted and tested is typically the deciding factor as to whether a company will succeed in the face of a cyber incident.
Separately, regulators worldwide are specifically calling out their expectation that testing cyber resilience through thorough crisis management exercises should be a basic part of corporate risk management. Companies subject to regulatory requirements such as Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and the EU’s General Data Protection Regulation (GDPR) will be required to report data breaches involving personal information, which makes building a leading-class, sustainable data privacy strategy more important than ever before. This means that boards and senior management need to be prepared to respond to a major crisis caused by a cybersecurity incident. It’s clear that rehearsing through simulation exercises can be the best way to achieve this.
How can you effectively prepare for a cyberattack?
It’s smart to be proactive, of course, but sometimes even the most proactive organizations can’t thwart sophisticated and targeted attacks. Your organization should focus not only on prevention, because even the most comprehensive software can’t stop a sophisticated cyberattack. You should turn your attention towards being reactive, and put heavy emphasis on detection and readiness for the inevitable.
Our cyber incident simulation – also known as a tabletop exercise – is scenario-based testing of cybersecurity incident response capabilities. We directly engage your response teams, both business and IT, in the decision-making process to effectively respond to a critical incident. We place heightened focus on operational resilience, brand reputation and having both the incident response team and crisis management teams work together to resolve the incident.
Cyber incident simulation overview
Cyber incident simulation can prepare your organization for an unpredictable cyber event and help adapt your cybersecurity responses in a rapidly changing environment.
Every cybersecurity incident is unique and so is every organization. Cyber incidents are high speed, unstructured and diverse, and are often intense and demanding. A realistic cyberattack simulation can help you test and improve your cybersecurity response.
Timeline of a possible cyber attack
Cybersecurity incident simulation exercises provide robust challenges across a variety of areas, allowing an organization to not only gauge the effectiveness of its response capability, but most importantly, gain experience in a safe environment.
EY uses a three-step approach to prepare, execute and report on a tabletop exercise. Each step is carefully designed and vetted with an organization’s key stakeholders.
Global Advanced Security Centers network
EY has more than 320 cyber professionals across our global Advanced Security Centers network with innovative tools and equipment to support various cybersecurity projects.
Fulsome understanding of cyber threats and resulting issues
We have extensive knowledge of global cyber threats and related cybersecurity incidents, the wider information security and cyber risk landscape, challenges faced by organizations and experience in forensic investigations.
A strong track record
We’ve supported our clients with incident simulation exercises for many years, with increased focus on cyber risks over the last decade. Our global reach enables us to scale in line with our clients’ requirements and global footprints, and the complex business and regulatory environments in which they operate.
We work closely with you on your cybersecurity journey to help your incident response team appropriately respond to cybersecurity incidents by developing a realistic incident scenario with significant impact, and providing observations and actionable recommendations.
We are a recognized leader
ALM Intelligence has named EY as a leader for cybersecurity consulting and a “best in class” provider of enabling tools that offer clients a broad view of their cybersecurity risk exposure and an estimate of how long it will take to resolve live issues.