What is it?
Ransomware is one of the most destructive forms of malware currently in circulation. It has the capability to bring entire organisations to their knees in a matter of days, if not hours. Ransomware can encrypt the target systems and then demand payment for restoring them. It is of paramount importance for an organisation to know how to respond to a possible ransomware infection. Ransomware attacks can affect any organisation; hackers do not discriminate in who they target.
This session covers a mock ransomware infection through a phishing email, the most common infection vector for malware. This is an extremely common attack: 83% of cyber attacks are through phishing. It is essential for an organisation to have resilience against the constant threat of a phishing attack.
The aims of this exercise are as follows:
- Understand how your organisation is prepared to deal with phishing attacks.
- Recognise how the configuration of your user accounts plays a major role in your defences.
- Gauge how effectively you can recover data and resume operation after a cyber attack.
- Build trusted relationships and develop shared understanding between key stakeholders.
- Prepare and train key staff to consider what risks they are exposed to.
- Operate in a no-fault environment to check and test cyber security defences and capabilities.
Why do it?
With the rise of ransomware attacks, it is more essential than ever that organisations are prepared in case they suffer an attack. Effectively securing an organisation can be difficult, as you are only as secure as your weakest link. With the ever-changing face of cyber security, it is difficult to prepare for possible attacks.
You can access our ransomware guide here.
It is important for organisations to conduct cyber exercising to enable them to prepare for a potential cyber attack against their organisation and mitigate that threat as much as possible. Additionally, please remember that Exercise in a Box is a safe environment for every participant attending.
The session offers multiple takeaways: in a provided follow-up session, a report from the NCSC can be generated, linking to all the guidance relevant to your organisation taken from the session.
Some of the benefits and key takeaways of cyber exercising include:
- Understanding actual versus perceived capabilities of people and technology.
- Deciding where to invest budgets in training or new technology.
- Building muscle memory and reducing stress for security teams and management.
- Improving morale and team building.
- Meeting regulatory requirements.
Who is it for?
Exercise in a Box is aimed at any organisation, large or small, to increase its cyber knowledge and perception. Ransomware attacks are an organisation-wide issue: security is only as strong as its weakest link, and all it takes for a ransomware infection to take hold is one email. Understanding the process of recovering and dealing with a ransomware attack, alongside continuity plans, can make the difference between recovering from an attack in a week or a year. It is advised that organisations bring a diverse team and not just the IT department. This will ensure that more of the company is trained and not just a small part of it.
View our upcoming Exercise in a Box workshops.