This workshop is a live digital crisis simulation game. Attendees are split into teams and roleplay a typical telco CERT. They have to deal with an escalating high-stakes incident that put them under pressure. They have to use strategic and analytical skills to solve the crisis, while keeping the company running and the executive board happy. This simulation pushes them to work together and keep their actions precise and thoroughly documented, while actively communicating with the company’s board, the press, and related third parties to minimise potential collateral damage.
The teams have to combine the knowledge on forensics, OSINT, threat intelligence, threat hunting and malware analysis acquired during the training to identify the real source of the threat while preserving the peace by regularly communicating with the board and the press.
The teams have to report each incident using forensics reporting principles and they individually decide when to go into crisis mode.
Each team’s performance is measured by three meters: financial damage, reputation, and operational reliability, and an executive happiness level. These metrics and how they are influenced are made clear at the start of the simulation.
If a team goes into crisis mode, certain bonuses and penalties apply to the metrics. At the end of the simulation, the team with the best score wins the game.