Incident Response Dry-run

Cyber threats are increasing dramatically and we are seeing the devastating effects daily. One of the biggest threats to organizations is the digital threat and its effects. The financial losses can be immense. Paired with these high numbers is often the idea that cyber attacks are limited to large companies. Unfortunately, practice shows that more and more SMBs are also targets of a cyber attack. In 2020, 43% of cybersecurity incidents targeted SMBs.

Prevent financial and reputational damage

Awareness Program

In the absence of proper preparation, the impact of an incident can be seriously magnified. It slows down the identification of the incident and this delay is associated with higher costs. In addition to the direct financial damage, many companies also suffer significant indirect damage. Consider the reputational damage incurred. To minimize both types of damage, your organization can prepare with our Incident Response Dry-run. A dry-run that prepares your organization for the insurmountable: a cybersecurity incident.

How does a dry-run test your Incident Response Plan?

With its Dry-run, NFIR offers you the option of approximating the impact of an incident as much as possible without harming you. An effective way to gauge the extent to which your Incident Response Plan is complete and effective. During the dry-run exercise, your organization’s crisis team is confronted with a successful ransomware attack and the reality is replicated as closely as possible. Thus, new insights that we encounter in daily practice will always arise during the incident. An example of a new insight is the appearance of a media article about the incident at your organization. During the dry-run, we test how you react to this fact. These insights make “just as they do in a real incident” the course of the investigation ever so slightly more complex. The crisis team which consists of a director, IT manager, a person responsible for information security and a person responsible for crisis communication is challenged to act in an adequate manner with the resources they have at the time.

What is the purpose of the dry-run?

Dry-run simulates a cybersecurity crisis situation to let organizations know what it’s like during a cybersecurity Incident. A simulation that will make participants forget they are part of a dry-run. In this way, the true impact of a major incident is made palpable and tangible. An unthinkable scenario comes true during the Dry-run. This dry-run will contribute to understanding and awareness and get organizations thinking. Key findings from this exercise will lead to action items needed to reduce the impact in the event of a potential incident.

Do you also want to be prepared for a cybersecurity incident?

Good preparation is half the battle. An Incident Response Dry-run steams your organization for the inevitable: a cybersecurity incident.

Also check out our other security awareness services

During an Incident Response Dry-run, a cybersecurity incident is simulated. This simulation includes all phases of an incident and involves all parties necessary for the resolution of an incident. In this way, the dry-run approaches reality and your organization can make the necessary preparations, should an incident occur.

That's super helpful! Making organizational and technical preparations is essential to be able to act more quickly in the event of a cybersecurity incident and to make the situation a little less stressful. By doing the incident response crisis simulation, your organization will experience what the different crisis team members have to deal with. We take a very realistic approach to the practice and help your organization gain insight into areas for improvement.

A Project Lead and Technical lead from NFIR's Computer Emergency Response Team will let you experience different phases of an IT Security incident through various "injects". The decisions made and the responses given can lead to action items for the organization, in order to act better and faster in case of a real incident. These recommendations will be recorded and handed over as a handout to your crisis team at the conclusion of the exercise.

An Incident Response Plan is a structured representation of the steps an organization takes when an IT security incident occurs. The dry-run is the practical translation of this plan and thus demonstrates whether the plan is complete. Both aim to reduce the impact of an incident (and therefore recovery time and costs).