Client Goals 

The CIO of Waverton Investment Management, Mudassar Ulhaq, engaged with Cyber Management Alliance to fulfil the following objectives:

• To meet external regulatory obligations related to testing of Incident Response Plans.
• To enhance the awareness of the board regarding cybersecurity risks and threats.
• To help the board understand their roles and responsibilities during a crisis.
• To test the security posture of the organisation and the effectiveness of the Incident Response Plans through a well-defined scenario relevant to the operational framework of Waverton Investment Management.
• To reinforce the awareness created amongst the board through successive workshops.
  
  

“The overall objective was to demonstrate & raise awareness amongst the board members. It is a regulatory obligation to ensure that the board are aware of their duties when it comes to incident response & cyber management. It was very important to run this workshop in my opinion… because although we have incident response plans internally, it was imperative to test them & the board’s engagement with a well-defined scenario created by myself and Amar.”

–Mudassar Ulhaq, CIO, Waverton Investment Management

 

Why Cyber Management Alliance?

Waverton Investment Management aimed to fulfil its goals by having an experienced external facilitator conduct its Cyber Crisis Tabletop Workshops. The reasons for hiring an external trusted advisor were the following:

• Deeper and more meaningful engagement of internal staff with an external workshop host.
• Brings on board broader and more comprehensive experience.
• Ability to see the larger picture from a distance, which an internal member may be unable to.
• Remedial actions suggested by trusted advisors are always deemed valuable to the business.

Waverton Investment Management chose to engage with Cyber Management Alliance based on the past success it has had with workshops conducted by the trusted advisors. Cyber Management Alliance has previously conducted a successful, one-day tabletop session for Waverton with the management committee and the incident response teams. However, the Cyber Crisis Tabletop workshop in 2020 was the first one geared towards the board. Imbued by its success, Waverton Investment organised a follow-up scenario-based workshop for the board in 2021.

The client opted to work with CM-Alliance based on the organisation’s market reputation and extensive experience as well as the vast knowledge and delivery capabilities of the workshop facilitator, Amar Singh (also the CEO and Co-Founder of Cyber Management Alliance).

“Having a long-standing relationship with CM-Alliance and Amar, it was the natural choice to arrange this workshop with them. Amar’s approach to such workshops is very effective and he is able to hold the attention of the audience really well. Running a tabletop exercise remotely is very difficult but Amar was able to keep the session very engaging and I think that was very important for us,” explained Mudassar. 

 

Scenario Building & the Actual Exercise

 

Scenario-building is extremely important to a successful cyber tabletop exercise, especially one that is aimed at the board and the senior-most management. It makes the crisis workshop slightly more realistic and having a scenario based on current operating systems in the business makes the session far more engaging and appealing.

Mudassar Ulhaq, the CIO of Waverton Investment Management and Amar Singh, the workshop facilitator, worked in collaboration to create a bespoke scenario for the workshops that would be highly relevant to the client’s business and also expose the real threats and dangers to the organisation.

The result was that both the sessions effectively highlighted the impact a real cyber crisis could have on the business, and it opened up the understanding of the same amongst board members.

It also played a huge role in helping the participants understand where the organisation currently stands in terms of its technology infrastructure and if its capabilities are sufficient in the face of a real threat.

 

Client Experience

Waverton Investment Management derived the following benefits from the Cyber Crisis Tabletop Workshop planned and executed in collaboration with Cyber Management Alliance:

• Development of muscle memory amongst board members regarding what they need to do in case of a cyber event.
• An increased understanding amongst the board about their individual roles and responsibilities in case of a crisis. A deeper sense of responsibility regarding the role each member has to play was enforced during the workshop.
• A detailed test of the efficiency of internal Incident Response Plans, Crisis Management processes and procedures was undertaken – this is imperative to keep the organisation secure from threats as well as to meet regulatory compliances.
• Running the fictional scenarios allowed the organisation to test the board’s decision-making skills and to evaluate what their skill sets should be during such an event. It also clarified if any reorientation of skills as well as responsibilities was required.
• It helped ensure that future implementations of technology are fit-for-purpose and that policy procedures can be modified accordingly. 
• Improved the technology roadmap and enabled business buy-in from a budget perspective which can often be a challenge.
• The follow-up workshop reinforced the awareness created in the initial session. Board members were able to stay updated on the current threat landscape and trends in the cyber space.
• They were also able to demonstrate their enhanced knowledge and awareness as an outcome from the previous workshop.
• A verifiable evolution in the board’s attitude towards understanding the key nuances of Waverton’s security strategy. Board members brought up cybersecurity trends and current issues themselves proving that the previous workshop underlined the importance of cybersecurity for them .

“The muscle memory for the board and raising awareness among them regarding roles and responsibilities were the key tangible benefits. We’ve also been able to test the board’s decision-making skills which was vital. Improved awareness amongst board members regarding Cyber Incident Response and other Cybersecurity issues was evident, especially after the second workshop in 2021.”  

- Mudassar Ulhaq

 

Would the Client Recommend the Exercise to Peers?

The client, Mudassar Ulhaq, said that he would recommend every organisation to run a Cyber Crisis Tabletop Workshop for the following reasons:

• Ensure regulatory and internal compliance obligations are met. 
• Enable the board to understand the organisation’s operating threat landscape.
• Enable members to gain a better grasp on their roles and responsibilities.
• Allows the organisation to also demonstrate and strengthen its inter-departmental communication.
• Take remedial action to improve technology roadmap.
• Deeper and more meaningful engagement of internal staff with an external workshop host.
• Brings on board broader and more comprehensive experience.
• Ability to see the larger picture from a distance, which an internal member may be unable to.
• Remedial actions suggested by trusted advisors are always deemed valuable to the business.
  

“The benefits of running a session like this is that it allows us to ensure that we meet our regulatory and internal compliance obligations. For many organisations, I would recommend that it should be on their agenda to run a workshop like this, especially from a board perspective.”

- Mudassar Ulhaq