This assessment scores the Breach Readiness capability of a specific group of people and how they respond to a specific cyber-attack scenario against a distinct critical asset.
This audit is performed in conjunction with and during our Cyber Crisis Tabletop Exercise (CCTE) and it measures and scores various attributes of the exercise and the participants during the tabletop exercise.
The image below describes our detailed approach to conducting a Breach Readiness assessment. Similar to our other audits, the process is fairly straightforward. We listen to and obtain information about your organisation, its critical assets, response plans and the role of key stakeholders during and after an attack.
We, then, create a detailed attack scenario storyboard and corresponding presentation which will be used during the Cyber Crisis Tabletop Exercise (CCTE) workshop.
Throughout the exercise, we will either record or closely monitor the participants and assess several attributes to arrive at a Breach Readiness maturity score.
As part of our Breach Readiness audit, we will:
This audit requires us to create a fairly detailed cyber-attack scenario and hence we will need to speak to one or more resources who can support us in creating this compelling scenario.
Our Cyber Crisis Tabletop Exercise (CCTE) helps answer one of the most important questions for the CEO and executive management - “Is your organisation breach ready?”
Put another way, it seeks to examine if your organisation is able to rapidly detect, effectively respond to and resume or carry its business operations uninterrupted after a cyber incident.
We will provide you with a formal audit report with a maturity score for your Breach Readiness along with a breakdown of the additional observations made during the tabletop exercise. The report also provides easy-to-understand recommendations on improving the score and closing the gaps.
More information on this specific assessment is available in our CCTE page and brochure. CCTE: Management Report.
Note: The Breach Readiness audit does not conduct a comprehensive audit of your IT and/or cybersecurity controls. We do a cursory review of your existing processes, procedures and incident response related documentation.
Identifies areas of improvement in the various aspects of crisis management, including, but not limited to collaboration, coordination, executive decisions.
Our carefully planned assessment provide a highly cost-effective way to assess an organisation’s readiness as production systems or critical data are never at risk of being impacted.
We have assisted numerous organisations including FIFA, NHS, Capita, BNP Paribas, Formula One Racing, British Medical Journal, and many more with assessments and audits. Here's some feedback from just a few of them.
"I would recommend Cyber Management Alliance’s tabletop workshops to anyone genuinely interested in being on top of their cyber incident response strategies. The format and style of conducting the entire workshop is what I found a lot of value in. Most importantly, the scenarios on which the workshop was based were relevant to the business, making the exercise a great investment of time and resources."
"In order for BMJ to the right way forward we looked for a VCISO to advise us on the right way to do things and give us expertise. We went to Cyber Management Alliance and it's been about a year now and we ran workshops, looked at our response to incidents, created the incident response plan and we are in a position now where we understand our way forward. Our VCISO keeps us on our toes and overall it's been a very effective way of delivering expertise into the organisation that we wouldn't have normally had."
"The Cyber Crisis Tabletop Exercise and corresponding audit conducted by Cyber Management Alliance Ltd was expertly delivered and has given us insights to reinforce our cyber strategy by continuing to help build the picture of where we were, where we are now, and our next focussed steps. We will be engaging CM-Alliance on an annual basis."
Why not find out more about our audits and assessments, book a no-obligation discovery call with one of our consultants.
Amar and the team at Cyber Management Alliance have been a huge help in getting our firm positioned to deal with cyber security risk. Having opened our eyes to the variety and scale of challenges we face, and the potential financial consequences, they worked closely with us to improve our infrastructure, processes and understanding to embed cyber awareness into the firm. Their invaluable experience has guided us to the point where we should receive ISO27001 accreditation in the coming weeks – a key stamp of approval that lets clients know we take these risks very seriously.