Modern organisations face a range of cybersecurity risks and whilst every effort may be made to prevent a breach, if one does occur an organisation must be prepared to respond to that breach quickly and effectively.

The period of dealing with a security breach is one of tension. If a company is not adequately prepared for the efficient handling of an incident, then a time of tension becomes one of crisis.

Who is it for?

Who is it for?

Our Incident Response Scenario Testing (also known as ‘Wargaming’) is for organisations who have established an incident response and business continuity plan, that wish to test the effectiveness of that plan in a controlled manner.

How can we help?

How can we help?

Secarma have developed a Cybersecurity Incident Wargaming service, which is designed to explore the effectiveness of an incident response plan against realistic scenarios, through a tabletop exercise.

Wargames are usually scheduled for a three-hour session, allowing for the steps of incident response to be deeply explored, yet still allowing for breaks and open discussion in the group.

At the end of the session, the intention is that the response team will more clearly understand the strengths and weaknesses of their incident response planning.

We have found these sessions work best when each aspect of the response team is represented in the room, such as the board, the technical team, and the communications team.

What we test

What we test

We typically develop scenarios that are based on real-world incidents that have previously taken place. However, if your organisation wishes to test against a specific scenario, we can build a bespoke exercise.

Example scenarios include:

  • Malicious Software Outbreak –  This scenario plays through the common stages of a major malware outbreak to test how well an organisation can identify, contain, eradicate, and recover from an attack such as mass ransomware.
  • Denial of Service Attack –  This scenario walks through a complex denial of service attack that impacts a major, or public, system. It tests how well an organisation identifies and mitigates the attack, whilst managing the potential public relations impact of service outages
  • Website Defacement – This scenario walks through how an organisation responds to a very public breach such as a website defacement. It tests how well they can identify the issue that led to the defacement, restore systems to working order, harden them from further attacks, and manage the public response.

Want to know more about how incident response scenario testing could benefit your organisation? Get in touch with one of our experts today for more information.

Download our Fact Sheet


Other services

Virtual Information Security Manager

Virtual Information Security Manager

Developing and maintaining a robust cybersecurity posture can be challenging for organisations who e...

Incident Response Scenario Testing (Wargaming)

Incident Response Scenario Testing

Modern organisations face a range of cybersecurity risks and whilst every effort may be made to prev...

Build Configuration Security Review

Build Configuration Security Review

A build configuration security review can provide system administrators with a comprehensive overvie...

Cloud Configuration Security Review

Secarma’s Cloud Configuration Security Review tests the configuration of the chosen cloud provider...

Cyber Security Maturity Assessment

Our Cyber Security Maturity Assessment (CSMA) evaluates your organisation's current security program...

Threat Modelling

Threat Modelling is a structured tabletop exercise which is used to identify and mitigate potential...

Firewall Configuration Security Review

Firewall Configuration Security Review

Firewalls are an essential component of network security as they monitor incoming and outgoing netwo...

IOT Cyber Scheme

IoT Cyber Scheme

Internet of Things (IoT) is a standard against which manufacturers of IoT devices can have their dev...

Privacy and Data Protection Services

As UK data protection laws evolve away from the requirement to employ Data Protection officers, Seca...