The Scenarios

Since the pandemic, working from home has become a part of our working life with hybrid working now the new normal. While working from home has its benefits, it exposes both organisations and individuals to various cyber threats. It has created the potential that your organisation’s IT services will be accessible to people other than your remote workforce, which is providing new avenues for attackers to target organisations.

The micro exercise session combines several fundamental aspects of cyber security with additional, broader cyber security learnings. It is split into four topics; password security, identifying and reporting phishing emails, securely remote working, responding to a ransomware attack. Micro Exercise in a Box workshops will discuss some basics to ensure all organisations, regardless of their sector or level of cyber knowledge will benefit.

Every organisation stores personal data in some form whether this is related to clients, staff, rejected job applicants or even individuals targeted in a marketing campaign. Every organisation has a legal obligation to protect that data, with financial and reputational penalties if data is not protected. In this session, you will talk through your organisation’s security processes with the help of our ethical hackers to identify points for future improvement and learn how to respond.

A digital supply chain attack is a cyber attack that seeks to damage an organisation by targeting less-secure elements in the supply chain. A supply chain attack can occur in any industry, therefore, it is crucial to prepare for it. This scenario begins by exploring how you would determine potential suppliers’ security. It then skips forward several months and asks what would happen if that supplier suffered a service outage that could have exposed customer information.

Ransomware is some of the most destructive forms of malware currently in circulation and it is vital that organisation know how to respond to these. This session covers a ransomware attack through a phishing email, to determine how prepared your organisation is to deal with the constant threat of these common attacks. It tests whether you could rely on your current backup solution to continue operations.