Mobius recently assisted an Oil and Gas company with a Cybersecurity Incident Simulation exercise. The Primary objective of the Simulation was to test the company’s playbooks and stakeholder understanding and involvement in the incident response process.
The key deliverables of the project were as follows:
- Create a tabletop Incident Scenarios including all the possible attacks defined in their existing playbooks.
- Develop scripts for existing Incident Response Playbooks.
- Facilitate a workshop to validate the scripts and test stakeholder understanding and involvement in the Incident Process.
Mobius drafted 2 practical scenarios that would allow all stakeholders to interact throughout the simulation. The approach used was as follows:
- A scenario was presented to the team, the team was required to discuss and present their actions as if the scenario was occurring in real-time.
- A scribe was used to capture the actions from the tabletop.
- A facilitator provided hearings (called injections) as the scenario unfolded.
- A report was issued post the tabletop walkthrough.
The client found the simulation useful and stressed the need for ongoing simulations to help respond to future cyber incidents.
Should you require any further details on how to conduct Incident Simulations, please contact us.