Dates, events and presentations
Managing cyber incidents is a leadership responsibility
Cyber attacks are one of the few crisis scenarios that can threaten the existence of a company. For the most part, cyber incidents cannot be solved by the IT department alone, but at the strategic level by the crisis management team. In the end, the methodical skills in crisis management are decisive.
Advice on developing a cyber crisis management
Our experience shows that cyber crisis management belongs in the hands of the central crisis unit, which also handles other crises. However, some adjustments are necessary. Maintaining a separate crisis management team for cyber cases is not recommended.
We advise you on:
- Merging an already existing cyber crisis management team with the classical crisis management team.
- Cyber risks to which you are or may be exposed and recommended risk mitigation
- Creation of the necessary interfaces to the crisis team, in particular from IT and data protection departments
- Preparation of cyber emergency plans
- Understanding of roles and crisis management team work in different cyber attack scenarios
Cyber crisis management exercises
In coordination with you, we create a scenario for a cyber crisis management team exercise. This can be an ATP attack (Advanced Persistent Threat), a ransomware attack or a data theft with subsequent blackmail.
During the exercise, we inject various situation developments, moderate the crisis management team exercise and observe your reaction to the simulated crisis. We pay particular attention to:
- Crisis management team work and dealing with different actors
- Crisis communication
- Maintaining business continuity
- Handling of the case in terms of data protection laws
- Measures taken by the IT department on the tactical level
After the exercise is completed, you will receive a detailed report - analyzing what went well and identifying areas for improvement.
Crisis response to cyber attacks
We advise and support your crisis management team in the event of cyber incidents such as cyber extortion (e.g. ransomware, data theft, DDoS).
- Immediate advice by telephone on initial measures
- Advising the crisis management team on site
- Support in crisis communications
- Rapid re-establishment of business continuity
- Provision of legal experts from our network
- Access to current cyber threat intelligence, as a foundation for decisions in the crisis management team
- Specific research in the Darknet
- Advice on negotiations with cyber extortionists
- In cooperation with one of our partners, support in the procurement of crypto currency such as Bitcoin as well as in the payment process
- Support in cooperation with authorities
If you do not have access to IT forensic experts, we will close this gap with one of our IT and cyber partners.