As part of its annual cybersecurity audit, Aster Housing, one of the UK’s top housing solutions providers, sought a true demonstration of its cyber incident response capabilities, especially the ability of the human element to respond successfully in case of a crisis.
The organisation opted for Cyber Management Alliance’s Cyber Crisis Tabletop Assessment to achieve these objectives and sharpen its overall breach readiness.
“Like many organisations, we undertake various traditional cybersecurity audits each year. Our past audits have been more focused on checking configurations, documentation, processes and procedures. They’ve all been very useful, but we needed something that’s more like a true demonstration of the capability of the business to actually respond. I wanted to get a fresh approach and that's why we opted for CM-Alliance’s CCTE Assessment.”
– Neil Mallon, Strategic Technology Leader, Aster Group UK
Neil had interacted with the workshop facilitator, Amar Singh (also the CEO and Co-Founder of Cyber Management Alliance), during numerous Wisdom of Crowds events in the past. He had, then, engaged Amar to run CM-Alliance’s flagship, NCSC-Certified Cyber Incident Planning & Response training to help Aster Housing create its cyber crisis response plans.
This experience, coupled with Cyber Management Alliance’s well-known expertise in the field and market reputation, made it easy for the client to zero in on Amar Singh as the external facilitator of choice for Aster Housing’s Cyber Crisis Tabletop Exercise.
Scenario-building is extremely important to a successful cyber tabletop exercise. It makes the crisis workshop slightly more realistic and having a scenario rooted in the current operational environment makes the session far more engaging and fruitful.
Neil Mallon and Amar Singh worked in collaboration to create a bespoke scenario for the CCTE workshop that wouldn’t just be highly relevant to the client’s business, but also challenging enough for the participants.
“Amar and I spent a good amount of time talking through options and planning the right scenario(s) for the tabletop test; We tried our best to design the scenarios to be challenging enough and both engaging and exciting to be a part of,” said Neil.
The CCTE workshop was expertly delivered in a remote workshop style. During the workshop, Amar made extensive use of conference breakout rooms allowing for the team to separate out and discuss some of the finer points in more focussed sessions.
The time spent in scenario building and the professional delivery of the workshop allowed the client’s team members to feel encouraged to voice their opinions. All the opinions and ideas were then discussed together for more collaborative knowledge building.
The major benefits that the client was able to derive from the workshop include:
Aster Housing’s primary goal with the Cyber Crisis Tabletop Exercise was to shift the focus on to the human element. The organisation was also seeking a formal report of its cyber resilience maturity.
“The CCTE & the corresponding audit conducted has given us insights to reinforce our cyber strategy by continuing to help build the picture of where we were, where we are now and our next focussed steps. We will be engaging CM-Alliance on an annual basis.”
- Neil Mallon