Skip to content

What is it? 

The micro exercise session combines several fundamental aspects of cyber security with additional, broader cyber security learnings within a 90-minute session to ensure all organisations, regardless of their sector or level of cyber knowledge, can benefit.

The exercise is split up into four topics:

  1. Password security
  2. Identifying and reporting phishing emails
  3. Securely remote working
  4. Responding to a ransomware attack

The sessions take the form of collaborative discussions, giving participants the time and opportunity to further their knowledge of a particular cyber security subject and identify areas of improvement. An ethical hacker will facilitate the conversation.

What is expected of the participants?  

You’re here to think, talk and learn about this topic. You don’t need to be a cyber security expert; it is not a test. Instead, we aim to enable collaborative discussions that further your knowledge and help you identify areas of improvement. The ethical hacker runs the session and keeps the conversation on track in whatever way the group is comfortable with.  

Using Passwords  


We use passwords for all online accounts and applications, both in a work environment and on a personal level. Inevitably, users will devise coping mechanisms to deal with password overload.

This includes:  

  • Using the same password across different accounts.
  • Using simple and predictable password creation strategies such as date of birth.  
  • Writing passwords down where they can be easily found.  

Attackers exploit these well-known coping strategies, leaving your staff and organisation vulnerable.  

This micro exercise explores how passwords are managed, how attackers find your passwords and what you can do to limit your risk of becoming a victim.  

Responding to a Ransomware Attack  


Cyber security is everyone’s responsibility, and we all have a role to play in preventing cyber attacks and minimising the impact when attacks do happen. Whilst a large amount of cyber defence is technical, people are a significant factor in defending and responding to cyber attacks. Ransomware attacks are becoming increasingly common and can have a devastating effect on both businesses’ and people’s personal lives.  This micro exercise explores what might happen if ransomware were to make its way onto your organisations’ network and how you and your organisation might respond.  

Identifying and Reporting a Suspected Phishing Email  


Spotting a phishing email is becoming increasingly difficult and can trick almost anyone into clicking on a link or opening an attachment, potentially infecting your system and those connected to it. Preventing this type of attack from being successful can help to mitigate a large proportion of cyber attacks. Whilst  most of this defence is technical, cyber security is everyone’s responsibility. We all have a role to play in preventing cyber attacks and minimising the impact when attacks happen.  

This micro exercise focuses on exploring the role users must play in spotting a phishing email and the steps they can take to mitigate the damage a breach may cause.  

Connecting Securely  


Organisations have been increasing their ability to enable home and remote working for their employees. This often means adopting new working practices, systems, and software, to enable employees to connect and carry out their work. However, this increase in remote working has provided more opportunities for attackers to compromise users’ personal and company data. For example, connecting to public Wi-Fi or insecure networks with mobile devices can allow attackers on the same network to intercept or modify your data.  This micro exercise explores ways users can securely connect to their home and work environment, protecting both their and their organisation’s data.  

Why do it?

It is important for organisations to conduct cyber exercising to enable them to prepare for a potential cyber attack within their business and mitigate that threat as much as possible. Additionally, please remember that Exercise in a Box is a safe environment for every participant, so please do not feel like you cannot say anything.

The session offers multiple takes away. A report from the NCSC can be generated within a provided follow-up session, linking to all the guidance relevant to your organisation taken from the session.

Some of the benefits and key takeaways of cyber exercising include:

  • Understanding actual versus perceived capabilities of people and technology.
  • Deciding where to invest budgets in training or new technology.
  • Building muscle memory and reducing stress for security teams and management.
  • Improving morale and team building.
  • Meeting regulatory requirements.

You can find additional guidance below:

Cyber and Fraud Centre Resources: 

NCSC Additional Guidance Mitigating Malware and Ransomware attacks: 

Dealing with suspicious emails, phone calls and text messages: 

Phishing attacks: defending your organisation: