CASE STUDY: ENSURING BUSINESS CONTINUITY WITH BESPOKE CRISIS MANAGEMENT TABLETOP EXERCISES

In today’s rapidly changing and unpredictable environment, organizations must be prepared for a range of potential crises, from natural disasters to cyber-attacks. One effective method for enhancing an organization’s crisis management capabilities and promoting organizational resilience is the use of tabletop scenarios. These crisis management initiatives simulate real-life emergency situations in a controlled, discussion-based format, allowing participants to practice their responses, identify weaknesses, and improve coordination and communication without the real-world consequences.

The Ask

A client engaged Richter to assist them with conducting a comprehensive review of its current crisis management processes, which included the following:

1. A maturity assessment of its existing incident response, business continuity, and crisis management plans; and
2. Conduct a tabletop exercise designed to:
   • Clarify incident response roles and responsibilities
   • Test decision-making
   • Educate incident response leaders on emerging threats
   • Satisfy compliance and contractual requirements
   • Identify potential areas of improvement

The Results

Richter worked with the client to scope, design, and deliver a bespoke ransomware attack scenario that took into consideration the unique aspects of their organization, including but not limited to:

• Its mixture of on-premises and cloud-based IT infrastructure
• Its current security monitoring capabilities
• Its documented crisis management plans, policies, and procedures
• The types of personal and confidential information it retained on customers
• The presence of security service providers and other vendors; and
• The results of the maturity assessment

By simulating a realistic cyber-attack and benchmarking their existing practices against industry good practices, our client was able to identify critical weaknesses, improve coordination, and increase overall preparedness while being provided with actionable recommendations to improve their cyber readiness, such as:

• Establishing relationships and contractual agreements with outside agencies (such as PR firms and forensic experts)
• Setting up call trees and leveraging technology to ensure timely incident communication; and
• Updating and enhancing existing crisis management plans and procedures based on lessons learned

We also educated the client’s leadership on the emerging topic of ransomware, including best practices for protecting themselves and mitigating the risk of such attacks.

How Richter Can Help

Your organization could benefit from periodically testing your existing incident management and business continuity policies and procedures. Richter’s cybersecurity experts can help create and facilitate customized crisis management tabletop exercises tailored to your industry, providing lessons learned and recommendations for improvement.

If your organization does not already have documented incident response, business continuity, or crisis management plans, we at Richter can also help develop these documents while tailoring them to the size and scope of your organization.