Despite cyber threats rising in frequency and severity, and regulations becoming increasingly stringent, 1 in 3 companies in Asia do not currently conduct cyber incident response planning and testing. For those with cyber incident response plans in place, their plans often come with gaps in their response and approach, leaving executives and employees inadequately prepared to contain the possible financial, operational and reputational fallout arising from a cybersecurity incident. Companies with little to no incident response planning and testing could incur on average 41% more losses and costs than those companies with high levels of planning and testing.1
Often, this lack of readiness is caused by the absence of a cyber crisis simulation exercise, which should be tailored to the organisation’s unique challenges and independently conducted for actionable insights and robust outcomes.
As the impact of a cybersecurity incident can spread quickly and be magnified by inadequate response, every organisation needs to answer the question: Can our cyber incident response plan pass the real-world test?
Structured around a proven four-stage approach, Marsh Asia's Cyber Crisis Simulation Exercise is developed to help organisations test the robustness of their cyber incident response plans in real time by setting up realistic scenario-driven threats against the organisation’s cyber assets. The entire process can typically be completed within six to eight weeks:
Marsh Asia begins by first understanding your organisation, identifying the relevant participating stakeholders among executives and board members, and reviewing current cyber incident response and crisis management plans, procedures, and reports of past exercises.
If your organisation does not have an existing plan, we can help you develop one that aligns with your industry standards, level of cyber maturity, and unique requirements.
Marsh Asia works with your organisation to define the scope, metrics, and scenarios for a simulation exercise based on agreed-upon objectives.
To design a realistic and relevant exercise scenario, we take into account the type of cybersecurity incidents, such as ransomware and data breaches, likely to have the greatest impact on your organisation. We also consider your organisation’s structure and operating environment, as well as the participants’ roles and responsibilities, to ensure that events during the exercise will induce stresses to organisational interfaces in a coordinated and sequenced manner that pushes individual and system capacity.
This stage concludes in a knowledge transfer session where participants receive a detailed briefing in preparation for the simulation exercise.
With clarity over the crisis scenarios, workflows and instructions, Marsh Asia delivers the structured simulation exercise as planned. Conducted in real time, the exercise will test participants’ efficiency and effectiveness in containing the impact of events that occur following the incident.
The simulation exercise not only tests participants’ decision making but also their coordination across departments and levels in your organisation.
Following the exercise, Marsh Asia will produce a detailed After Action Report (AAR) that includes feedback and observations captured during the course of the exercise, highlights what worked well, and reveals gaps in incident response. Our prioritised recommendations enable your organisation to take informed next steps to improve your cyber incident response and crisis management approach.
By the end of the process, you will be able to:
When a cyber incident occurs, your response should go beyond immediate crisis management to also consider business disruption and insurance claims. Marsh Asia’s cross-disciplinary expertise in crisis management, business continuity, cybersecurity and insurance has been honed through working seamlessly with C-suite stakeholders across diverse industries such as financial services, manufacturing and technology. Our Cyber Crisis Simulation Exercise is designed for organisations that cannot afford to take any chances when it comes to cybersecurity preparedness.