Details of the scenarios contained in the Crisis Sim catalog as of April 03, 2025
Note: You can download an Excel file of this catalog at the bottom of this page, which contains additional details and allows you to sort and filter the scenarios.
Standard Scenarios
These scenarios cover multiple risk areas and are written with a rich, realistic narrative; the participant makes decisions based on an evolving storyline.
Title | Description | Attack Vector |
AI-pril Fools: The Return of the Puppetmaster |
The Puppetmaster, now wielding AI, has seized your communication channels, plunging your team into a chaotic crisis. Navigate a landscape of weaponized information, security breaches, and ethical dilemmas as you strive to regain control. 'AI-pril Fools' tests your ability to manage AI-driven manipulation, mitigate reputational damage, and make critical decisions under pressure, challenging your understanding of AI's vulnerabilities and the complexities of modern information warfare. |
Malicious actor |
#LoveHacked |
In #LoveHacked, step into the role of Orchid Retail's COO during a Valentine's Day cyberattack, where celebration turns to chaos. This point-of-view exercise emphasizes the critical 'golden hour' of crisis response, demanding rapid, informed decisions with limited information. Participants will navigate operational disruptions, reputational damage, and customer trust breaches, honing their skills in critical thinking, crisis communication, and stakeholder management to effectively mitigate the unfolding cyber threat. |
Other |
WastedLocker Personal Data Exposure |
Players work for a telecommunications and technology company running GPS services for transport systems, ranging from consumers to airports. Players must assume their role in the CMT alongside their IT and SOC teams when the company's services are rendered useless by a ransomware attack. |
Ransomware |
Patient Record Compromise |
Participants work for a for-profit healthcare organization in America. The company operates critical care hospitals and psychiatric facilities across numerous states. An unpatched VPN vulnerability is exploited to bring patient care to a deadly standstill. |
Ransomware |
Phishing Compromise |
You work as Head of IT for a wealth management firm. When a phishing email compromises customer information, you must navigate reputational, staff, and financial fallout. |
Phishing email |
Ransomware: Garmin |
In this simulation, participants step into the role of an Incident Response Handler at Glomax following a suspected ransomware attack, mirroring the real-world incident experienced by Garmin. With encrypted data and operations locked out, participants must engage in swift and strategic response measures to mitigate the impact of the cyberattack. Taking cues from the Garmin incident, participants navigate the crisis with urgency and expertise, leveraging their skills as incident handlers to address the ransomware attack head-on and safeguard Glomax's data and operational integrity. |
Ransomware |
National Infrastructure Collapse |
You are a member of an executive crisis management team, faced with life and death decisions following a cyber attack that interrupts energy supplies to people's homes in the middle of a pandemic-stricken winter. |
Ransomware |
Network Abduction |
Players work for a multinational banking and financial services company. Taking on the role of CISO and interfacing with the wider CMT, players must manage the requirement to continue operations with reduced capability, balancing proactive and reactive security measures and patching protocols. |
|
Pharmaceutical IP Threat |
You are a member of the executive CMT for a pharmaceutical company and must manage product, operational, and reputational fallout from a large competitor releasing a product using your IP before you. |
Insider Threat |
Global Server Hack: Microsoft Hafnium Vulnerability |
In this scenario, participants assume roles within Vexus Solutions, one of the US's major insurance providers specializing in natural disaster coverage for critical national infrastructure sites. Facing a potential cyber threat from the Chinese government-backed hacking group Hafnium targeting Microsoft Exchange servers, Vexus is at risk of data breaches compromising confidential client information, including infrastructure vulnerabilities. With crucial data exchange occurring via email and CRM systems connected to Microsoft Exchange, participants must engage in technical incident response activities to mitigate risks, assess potential impacts, and enhance cybersecurity measures to protect sensitive data and ensure operational continuity for Vexus and its clients. |
Malicious code |
Chatbot Hack |
You are an Incident Manager dealing with reputational, operational, and financial consequences of your company's chatbot being compromised by criminal actors and insulting customers. |
Ransomware |
Product Contamination Sabotage |
Players are a member of the executive CMT at a vegan drinks company. The company is soon to be acquired by another company with questionable environmental practices, and hacktivists attempt to sabotage critical manufacturing and QA SCADA systems and deface the company's public reputation. |
Remote System Exploitation, SCADA |
Oldsmar Poisoned Water |
Participants are an Incident Manager for a US public water company. When two attacks affect the quality of the water, causing physical sickness to citizens, they must deal with the security and reputational ramifications. |
Remote System Exploitation, Insecure Systems |
Hospital Meltdown |
Players are a member of a medical center's Crisis Management team. When a ransomware attack compromises the hospital's main systems and databases, players must address fallout relating to data, physical security, regulatory requirements, and the press, all while safeguarding their patients. |
Ransomware |
Cyber Breach Reporting |
Participants are a member of an Executive Crisis Management team tasked with managing the IT, operational, regulatory, and reputational fallouts of a severe corporate systems breach, resulting from the reuse of one single employee password. |
Password Reuse |
Technical Incident Response Scenario |
In this scenario, you're part of the incident response team at a central bank, responsible for the issue and supply of the national currency and the regulation of the national banking system. You'll tackle an emerging ransomware crisis by making important decisions and recommendations, and see the impact of those choices in real time. |
Ransomware |
Electric Car Catastrophe |
Based on several ransomware attacks targeting automotive companies, in this scenario, participants navigate factory shutdowns, logistical barriers, and operational hazards. Participants must balance business continuity with operational impacts while building strategic decision-making and testing flexible crisis response capabilities. |
Ransomware |
University Corruption Scandal |
In this scenario, players are a core member of the CMT at a prestigious Ivy League university in California that has a good reputation for computer science and information security, as well as a football team. Participants navigate the knock-on effects of a ransomware attack when physical student safety becomes a concern. |
Ransomware |
Supply Chain Pain |
Players work for a software device management company, which supplies a number of companies with software. When Microsoft informs players that a zero day has been found in the open source modules of their software, decisions to protect the organization and suppliers need to be made. |
Zero-Day Exploit |
USB Hack: Network Down |
In this scenario, participants play as an executive CMT member for a US-based telecommunications company that works with emergency services. Centered around a seemingly legitimate USB stick, participants navigate problems that arise when a ransom note is discovered and lines of communication with first responders are impaired. |
Malicious USB, Phishing, Ransomware |
Collaboration Dilemma |
This scenario focuses on a supply-chain compromise and managing third-party risk. Participants are CISOs of a multinational company specializing in project management and collaboration software for the financial sector. The third-party supplier of the software informs the CISO of an attack. |
Supply Chain Compromise |
Sewage Subterfuge |
Participants are part of the crisis management team at a publicly owned treatment works. The organization has been through a program of job cutting to fund technology improvements, as its current SCADA system uses very old technology. |
Insider Threat |
Embassy Bomb Threat |
This scenario focuses on an operational threat and places participants in the role of the Head of Security or Head of Communications, as they respond to a major attack on a government building. It focuses on developing competencies needed to manage a crisis and respond to problems, as well as the importance of the reflection and review process, following a crisis. |
Operational Threat Explosive Device |
Accessibility Crisis |
Participants work for a technology company looking to bring a category-leading product to market with an imminent, high-profile product launch event. When Hacktivists target the event, values around diversity, equity, inclusion and product accessibility are brought into question and participants are faced with financial, reputational and regulatory repercussions. |
Targeted attack |
Healthcare AI |
A healthcare group integrated an AI-driven diagnostic tool to revolutionize their industry, but a lack of data verification and oversight resulted in misdiagnoses and incorrect treatment plans. This incident has put the healthcare group and the future of AI in the industry under scrutiny. Participants in the crisis exercise must make critical decisions to balance safety, operational demands, and stakeholder management. |
AI |
Attacker Perspective: Spearphishing |
In this scenario, participants step into the shoes of a beginner hacktivist working with a group targeting entertainment organizations. Given a target - a video game publisher with negative press about staff working hours - participants must utilize their basic hacking skills to infiltrate the organization and expose poor behavior. Emphasizing the ease with which even novice hackers can cause disruption, this exercise prompts exploration of hacktivism motives beyond financial gain. Inspired by real-world attacks on video game companies, this scenario challenges participants to prove their value by shining a light on corporate misconduct through cyber means. |
Malicious actor |
Up in the Air |
In this simulation, participants take on multiple roles within Longitude Airlines, a major US-based airline, to tackle a worst-case scenario of operational paralysis. With the airline's reputation and finances on the line, participants navigate the challenges of suspended flight operations, predicting substantial backlogs and financial losses. As they immerse themselves in the high-pressure aviation sector, decision-making is crucial as they work to mitigate the impacts of passenger and luggage backlogs that could take days to clear, costing millions of dollars in the process. This exercise offers a real-world glimpse into the complexities of airline crisis management without direct feedback, allowing participants to engage and progress through informed decision-making. |
Supply Chain Compromise |
Malicious Code: Incident Responder |
In this crisis simulation, participants step into the role of an incident responder within a Security Operations Center (SOC) at TalkCom, a leading national telecommunications provider. Tasked with handling an emerging cyberattack scenario, participants must leverage their crisis management knowledge and skills to make critical decisions that impact the company's operations, reputation, and resilience in real-time. By demonstrating situational awareness, communication proficiency, and effective decision-making, participants will navigate the complexities of responding to a major cyber incident that threatens the integrity of TalkCom's mobile telecom network. This immersive exercise challenges participants to evaluate the outcomes of their decisions, reflecting on their experience to enhance judgment and readiness for future crises. |
Malicious code |
Manufacturing Crisis |
In this simulation, participants are immersed in a cyber crisis scenario affecting EngiTech, a UK-based manufacturing company specializing in security access components for commercial buildings. Following the installation of state-of-the-art IIoT devices from a trusted supplier, Dynamik Manufacturing Ltd, EngiTech faces equipment malfunctions at one of its manufacturing sites. Participants will assume various roles within EngiTech's operations, addressing insider threats, third-party risks, software vulnerabilities, and cyber-physical impacts resulting from the cyberattack. Through strategic decision-making and crisis response, participants navigate the rapidly evolving crisis, highlighting the interconnected nature of cyber risks in the manufacturing industry and the need for swift and effective mitigation measures. |
Insider Threat, Supply Chain Compromise |
Capita Ransomware Attack: Threat Response |
In this scenario, participants step into the role of employees at Paragon Services, a global consulting company facing a cyberattack by the ransomware operator Black Basta, reminiscent of the attack on Capita by the same threat actor. With customers including critical sectors like the NHS, defense contractors, and local authorities, Paragon Services holds sensitive data vital to national security. Participants must navigate the fallout of the cyber incident, which could lead to data exfiltration and system lockdowns, requiring quick and strategic responses to safeguard confidential information and maintain trust with key clients. |
Ransomware |
Natural Disaster - Wildfire |
A contained wildfire near the company's headquarters unexpectedly spreads due to strong winds, threatening both the Head Office and hybrid workers' homes. As the situation evolves, the government's early warning system triggers, and the crisis management team (CMT) must adapt to the unfolding crisis. |
Natural Disaster |
International Racing Championship |
Exercising and simulation are essential for building crisis response muscle memory, just like in motor racing where drivers respond appropriately to challenges through realistic simulations. In this cyber crisis scenario, you will take control of an International Racing Championship (IRC) team's decision-making process, balancing reputation, security, and performance during the British Championship. It's an opportunity to test your skills and make critical decisions as the incident unfolds. Let's get started and put your crisis response abilities to the test. |
Malicious USB, targeted attack |
A Not So Silent Night |
During the peak of the festive season at the North Pole, Santa Claus implements an AI system to streamline operations. However, an unexpected error occurs when the AI categorizes every child on earth as naughty, throwing the North Pole into chaos. This unprecedented event has the potential to derail the entire holiday season, and urgent action is needed to rectify the situation. |
AI |
Valentine's Day Chaos |
This Crisis Simulation offers two pathways, each with a Valentine's Day theme tailored to specific industries: retail/business and healthcare. The retail/business scenario puts you in the fast-paced environment of a major retailer during the Valentine's Day season, testing your skills in handling logistical challenges, public relations, and competitive pressures. On the other hand, the healthcare scenario places you in the midst of a severe winter storm, where you must manage the demand on healthcare services, including patient care, resource allocation, and staff wellbeing. Both pathways offer unique challenges and opportunities to test your abilities in different contexts. |
Supply Chain Compromise or Severe Weather |
Digital Dilemma: Data Breach Response |
Digital Dilemma is a crisis management simulation that aims to enhance participants' decision-making skills in the midst of a complex cyber crisis. It takes place within a global corporation and presents a realistic scenario where teams must navigate the challenges of a significant cyber threat. The simulation tests participants' abilities to handle internal dynamics, external pressures, and ethical dilemmas while ensuring operational continuity and maintaining stakeholder trust. |
Data Breach |
Fools Gambit: Deepfake Dilemma |
Step into the high-stakes world of crisis management with this scenario, where you'll take on the critical role of head of PR and Communications for a leading news network. Whether you are a seasoned executive, a budding crisis manager, or someone interested in the dynamics of crisis communication, this simulation provides a unique opportunity to experience the challenges and rewards of leading through a crisis, emphasizing the importance of communications in safeguarding an organization's integrity and reputation. |
Deepfake |
Bank Heist |
This immersive crisis management exercise is designed to challenge and hone your strategic decision-making skills in the high-stakes world of banking and finance. You'll step into the shoes of the bank's crisis management team (CMT) following a major theft of cash reserves. You will be tasked with safeguarding the institution's future, protecting customer interests, and navigating regulatory landscapes - all while maintaining public trust and operational stability. Will you secure the bank against further threats, maintain liquidity, and rebuild customer confidence? Or will missteps lead to spiraling consequences? Weigh the pros and cons of complex choices and strategize with your team to steer the bank back to stability. NOTE: This Crisis Sim can also be run as an event in partnership with a Team Sim to test both your technical and executive crisis teams. For more information on this, contact your customer success manager. |
Cyber theft |
Operation Chimera: Lycia Pensions |
This scenario is a companion to a Team Sim scenario. They combine to test crisis management and technical teams concurrently, allowing you to assess technical skills alongside judgment and decision-making. |
Data Breach |
The 8-k Conundrum |
In this exercise, you'll step into the shoes of a senior executive facing a critical decision: how to handle a material event that requires immediate disclosure through an 8-K filing with the Securities and Exchange Commission (SEC). The clock is ticking, the stakes are high, and the consequences of your decisions could impact the company's future, reputation, and even your career. You'll face ethical dilemmas, legal challenges, and intense pressure from investors. |
Internal Threat |
Operation Wipeout |
This scenario simulates a devastating cyber attack where a wiper malware severely impacts your company's systems and disrupts operations. This immersive exercise tests your crisis management and business continuity capabilities, challenging you to make critical decisions under pressure. |
Malicious actor / data destruction |
Boardroom Betrayal: When Deepfakes Strike the Top |
This high-stakes crisis simulation is designed to test board members' and C-suite executives' decision-making skills and resilience when faced with a sophisticated deepfake attack. Participants will navigate the complexities of a rapidly evolving crisis, balancing competing priorities, managing internal and external pressures, and making tough ethical choices with far-reaching consequences. You will explore the unique challenges posed by deepfakes in the corporate world, highlighting the importance of swift and decisive action, transparent communication, and ethical leadership in the face of misinformation and reputational risk. |
Malicious actor / Deepfake |
Solar Sentinel |
In a world that relies increasingly on interconnected technology, the potential for a natural disaster to cause widespread disruptions is a significant concern. The Carrington Event serves as a chilling example of one of the most powerful solar storms ever recorded. Another event of this magnitude could devastate our power grids, communication networks, and critical infrastructure. This event underscores the urgent need for preparedness and mitigation strategies. This scenario will immerse you in the chaos and complexity of such a crisis. You'll step into the shoes of the Global Crisis Response Team (GCRT), tasked with advising governments and coordinating a global response to this unprecedented disaster. |
Natural Disaster |
Unforeseen Consequences |
It's early morning and you wake up to the news reports of a major outage that has impacted Microsoft services around the globe. Your phone is pinging with notifications and reports from the cloud teams saying that cloud services are impacted. You jump onto your corporate asset to start getting a handle on the situation and are suddenly met with the Blue Screen of Death (BSoD). |
Human Error |
The Walls Have Ears (Part 1) |
The company faces a series of unsettling events that threaten its foundation. Production lines are faltering, critical systems are failing, and a sense of unease permeates the workforce. The leadership team is grappling with mounting challenges, and the clock is ticking. As a crisis management team (CMT) member, you're thrust into the heart of this unfolding crisis. You must navigate a labyrinth of uncertainty and make critical decisions that will determine the company's fate. |
Malicious actor |
The Walls Have Ears (Part 2) |
The full extent of the espionage is only now coming to light, revealing a conspiracy that reaches far deeper than you ever imagined. A competitor stands poised to strike, armed with your stolen secrets and ruthless ambition. The fallout is far-reaching: your stock price is in freefall, key partnerships are crumbling, and your employees are teetering on the brink of revolt. The crisis has escalated to the point of no return, and the crisis management team (CMT) must make choices that will determine the company's survival. In Part One, you faced a series of escalating challenges, from production disruptions and unauthorized access to the discovery of a sinister cyberattack. Now, in Part Two, the consequences of those events will unfold in unexpected and devastating ways. |
Malicious actor |
One Password, Multiple Problems: A Cybersecurity Awareness Exercise |
This interactive exercise will immerse you in a realistic scenario where one reused password triggers a chain reaction of cybersecurity challenges. You'll witness firsthand how a seemingly harmless act can have far-reaching consequences for a telecoms company, its customers, and its reputation. Designed for all knowledge levels, this exercise will demonstrate the critical importance of password hygiene and each individual's role in safeguarding sensitive data. You'll be challenged to make tough decisions, navigate complex situations, and experience the ripple effects of your choices. |
Malicious actor |
Digital Operational Resilience Act |
You work for an international bank with headquarters in Germany and operations in the US, UK, and APAC. The bank has recently announced its digitalization journey, emphasizing the adoption of emerging technology. This scenario focuses on a ransomware attack targeting a third-party supplier and the bank's obligations under the Digital Operational Resilience Act. |
Ransomware |
Puppetmaster's Revenge |
In this scenario, the mischievous hacker Puppetmaster targets leading IoT developer Immersive Tech, turning their products into spooky surprises. As the crisis management team, participants must identify vulnerabilities, mitigate chaos, protect the company's reputation, and turn the hack into a PR opportunity. Join this Halloween-themed exercise to showcase your skills in handling unprecedented crises and navigating through chilling challenges. |
Malicious actor |
Christmas Tree-son |
In "Christmas Tree-son," participants are thrust into a whimsical yet high-stakes scenario where a cyber storm threatens the magic of Christmas at the North Pole. As the crisis management team tasked with saving the holidays, participants must navigate the chaos, communicate effectively, manage reputation, make critical decisions under pressure, address cybersecurity threats, and uphold ethical values while ensuring business continuity. This festive simulation immerses participants in a digital plight where the fate of Christmas rests in their hands, offering valuable lessons in crisis response, reputation management, decision-making, cybersecurity, and ethical considerations in a fun and engaging setting. |
Other |
Logistics Lockdown: 24 Hours of Chaos |
In this scenario, participants are faced with a high-stakes scenario where a logistics partner's ERP system, including critical shipping functions, has been taken offline by a suspected cyberattack. With warehouses full and essential shipments pending, the company is under pressure to react swiftly to prevent financial loss and uphold its reputation. As new orders flood in and customers inquire about delays, participants must navigate the operational and reputational impacts of a supply chain cyberattack, make rapid decisions under pressure, analyze team responsibilities in a cybersecurity crisis, and assess response options' consequences on business continuity, customer relations, and ethical considerations. |
Ransomware |
Crisis at the Dam |
In this scenario, participants step into the shoes of the crisis management team (CMT) responsible for a critical hydroelectric dam during an unprecedented storm. With torrential rains causing rising waters and threatening the dam's stability, the team must make crucial decisions to ensure the safety of staff and downstream communities. The scenario challenges participants to navigate high-stakes choices with far-reaching consequences, balancing the need for swift action with the importance of considering the impacts on livelihoods, infrastructure, and the environment. |
Other |
Orchid Energy: Trial by Fire and Data |
In this scenario, participants are immersed in a complex polycrisis simulation that challenges Orchid Energy with interconnected challenges, including cyber and non-cyber crises. As the leaders of Orchid Energy, participants must make difficult decisions, navigate ethical dilemmas, and manage the relentless pressure of addressing multiple crises simultaneously. The simulation underscores the importance of effective communication, collaboration, and decision-making in the face of cascading events. With the fate of Orchid Energy, its employees, and stakeholders hanging in the balance, participants are tasked with demonstrating resilience, adaptability, and strategic thinking to steer the organization through this trial by fire and data. |
Targeted attack |
The FlashPoint Podcast |
In this scenario, participants take on the role of the Chief Operating Officer (COO) and Crisis Management Lead at Orchid Investments, a leading financial firm grappling with an AI crisis that results in financial losses, client panic, and media scrutiny. Through an immersive podcast-style narrative, participants are transported back in time to pivotal moments of the crisis, making decisions that determine the storyline's outcome. The simulation features branched narratives, expert commentary, and insights into crisis recognition, decision-making under pressure, communication strategies, and AI security and ethics. Designed for C-suite executives, senior managers, IT leaders, and risk management professionals, this simulation offers a dynamic and personalized exploration of managing a high-stakes AI-related crisis in the financial industry. |
Targeted attack |
Threat Response scenarios
These 13 scenarios are developed quickly, in response to real cyber attacks. Participants make decisions based on an evolving storyline, inspired by recent attacks.
Title | Description | Attack Vector |
LockerGoga Global Shutdown | Participants are the CEO of a global aluminum and hydroelectric company. When key facilities are forced to shut down due to a ransomware attack, the ongoing restoration needs to be managed, while overseeing individual issues arising at various facilities globally. | Ransomware |
Travelex Vs REvil | Participants lead the executive committee at the world's largest foreign exchange bureau. Inspired by the Sodinokibi ransomware attack on Travelex, service restoration, ransom demands, and reputational impact need to be managed. | Ransomware |
Insider Data Breach | You work as a member of the crisis management team. When one of your top engineers leaves for a competitor who then appears to be using your proprietary technology, you must handle the legal, reputational, and internal issues that arise. | Insider Threat |
Security Agency Breached | Players work for a government organization that runs offensive and defensive cybersecurity operations. A supply chain service embedded in their infrastructure has been compromised by a forensic espionage operation. Players must manage the requirements to continue operations with reduced capability. | Supply Chain Compromise |
Ransomware: Double Barrel Live Mode | In this simulation scenario based on the Colonial Pipeline crisis, participants assume the roles of employees at Providence Pipelines Inc., a critical player in the US oil ecosystem with a vast pipeline network transporting fuel along the East Coast. Following the ransomware attack on Colonial Pipeline, participants face the challenge of managing cybersecurity vulnerabilities and potential threats to their own infrastructure. By making critical decisions under pressure to safeguard operations and mitigate risks, participants navigate the complexities of industrial cybersecurity and the implications of a cyber incident on essential infrastructure. The simulation aims to enhance participants' crisis management skills, decision-making abilities, and preparedness to respond effectively to cyber threats in the energy sector, learning from real-world events to strengthen cybersecurity defenses and protect critical infrastructure. | Malicious Actor |
Food Supply Chain Calamity | Based on the events of the JBS Foods Group, in this scenario, players are a member of the Executive CMT at a meat supplier. Their decisions are tested when faced with a ransomware attack that impacts ability to supply meat, with wider knock-on impacts on the food supply chain across the US. | Ransomware |
Kaseya MSP Hack | In this cyber crisis threat response scenario (based on real-life events as they occurred), multiple roles across your organization will deal with operational, financial, and reputational consequences of point of sale systems being taken down by a ransomware attack. With fresh produce and supply chain considerations, you must make decisions to lessen these impacts. | Ransomware |
Colonial Pipeline IT/OT Collision | Participants are a member of the Executive CMT, faced with decisions that could impact the international energy ecosystem, following a ransomware attack on your IT network. | Ransomware |
Apache Zero Day | In this scenario, players join the Executive CMT at a multinational tech company that specializes in online gaming, to mitigate a Log4Shell attack on their servers. The Java-based logging software is used by almost a third of all web services and in December 2021, a serious vulnerability was disclosed. | Zero Day |
Hotel Lockout in Winter Wonderland | Participants are part of the Executive CMT at a regional hotel that's been struck by Conti ransomware. | Ransomware |
Okta: Failure To Communicate | Based on the Okta attack, participants play the CISO of a company that provides identity access management (IAM) software for customers across Europe and North America. Following a cyberattack on one of the third-party contractors, a series of problems that threaten to undermine the company's reputation must be navigated. | Supply Chain Compromise |
Royal Mail Ransomware Attack | This scenario is based on LockBit's ransomware attack on Royal Mail in early 2023, which left thousands of people unable to send letters or goods. The players take on the role of the Crisis Management Team and must negotiate with attackers, make operational prioritization decisions, and manage the reputation of the company. | Ransomware |
MOVEit Zero-Day: Threat Response | This scenario is based on the MOVEit compromise that took place in May 2023, in which a third-party payroll provider was the victim of a zero-day exploit that placed the company and its supply chain at risk. Participants work for a fictional British nationwide pharmacy chain and need to make decisions on how to respond to the crisis and reduce the risk to their company and stakeholders. | Zero Day |
Policy & Regulation scenarios
These three scenarios test participants' crisis management response, focusing on specific pieces of legislation or regulation.
Title | Description | Attack Vector |
IT and Reputational Disaster | You are a member of an executive crisis management team tasked with managing the IT, operational, regulatory, and reputational fallout of a severe corporate systems breach resulting from the reuse of a single employee password. | Password Reuse |
Data For Sale | You're part of the Crisis Management Team (CMT) at an online travel marketplace that is facing a data breach. The publication of customer data would result in a violation of Payment Card Industry Data Security Standard (PCI DSS) guidelines. In this scenario, participants must navigate the evolving crisis while ensuring compliance with PCI DSS guidelines. | Insider Threat |
Master Key Compromise | In this scenario, players will improve their awareness of NIST SP 800-57 and PCI DSS 3.5/3.6 guidelines for cryptographic key management. Based on the real-life incident at South African Postbank, which had its master key stolen by bad actors who weren't discovered for 10 months, participants will manage moving parts to find the least worst path in a crisis. | Insider Threat |
Template scenarios
A standard scenario that follows a narrative storyline, but requires customization. Replace the business names, logos, documents, and more, to personalize the scenario to your organization.
Title | Description | Attack Vector |
Scenario Template – Supply Chain Compromise (Crisis Maturity 1) | In this scenario inspired by the SUNBURST attack on SolarWinds' Orion network management software, participants are tasked with assessing the risks posed by compromised software in their supply chain. Drawing lessons from real-life events, participants must demonstrate a deep understanding of incident response plans and procedures while recognizing the potential business impacts of a supply chain compromise. Through the application of situational awareness, participants identify early warning signs, address threats to their infrastructure, and make informed decisions on mitigating risks. The simulation challenges participants to evaluate outcomes, reflect on their experiences, and assess their decision-making process, thus enhancing their readiness to respond effectively to supply chain compromises and cyber threats. | Supply chain compromise |
Scenario Template – Supply Chain Compromise (Crisis Maturity 2) | In this simulation inspired by the SUNBURST attack on SolarWinds, participants are challenged to assess the risks posed by compromised software in their supply chain. Emphasizing incident response plans and procedures, participants must recognize potential collateral impacts of a supply chain compromise and demonstrate situational awareness to evaluate threats and determine appropriate actions. By honing decision-making skills and judgment through reflection on outcomes, participants enhance their ability to effectively investigate and respond to cyber threats, improving their organization's security posture in the face of supply chain vulnerabilities. | Supply chain compromise |
Scenario Template - Terrorist Attack | Easily amendable scenario, covering an active gunman threatening a location key for the organization. Players need to use situational awareness and understand how information, events, and their own actions affect objectives and protect lives. | Terrorism |
Scenario Template - Civil Unrest | Easily amendable scenario, following a protest preventing operations. Players work for an organization whose recent business decisions have received negative public attention online. Their ability to manage evolving protest activity is exercised, whilst maintaining physical security and company reputation, to prevent escalation. | Civil unrest |
Scenario Template – Phishing Attack/Data Breach | In this simulation scenario focusing on a phishing attack, participants are placed in the role of employees at a company in the X sector that has fallen victim to a phishing incident. With cyber, operational, and strategic risks at play, participants must make critical decisions under pressure, often with limited information, to mitigate the impact of the attack. By applying knowledge of crisis management plans, understanding communication processes, and utilizing situational awareness, participants navigate the evolving crisis effectively. The simulation aims to enhance participants' decision-making skills, judgment, and ability to evaluate outcomes, preparing them to respond efficiently to cybersecurity incidents and minimize business impacts in the face of social engineering attacks like phishing. | Phishing |
Scenario Template – Supply Chain Attack | In this simulation scenario centered on a supply chain attack, participants take on the role of employees at a company in the X sector facing system downtime due to a cyber incident. Tasked with navigating severe cyber, operational, and strategic risks, participants must make critical decisions under uncertainty to mitigate the impact of the attack. By applying crisis management knowledge, communication skills, and situational awareness, participants can effectively respond to the evolving crisis. The simulation aims to enhance participants' decision-making skills, judgment, and ability to manage cyber risks within the supply chain, preparing them to handle cybersecurity incidents and safeguard business operations against supply chain vulnerabilities and attacks. | Supply chain compromise |
Scenario Template – Insider Threat | In this simulation scenario focusing on insider threats, participants assume the role of employees at a company in the X Sector industry where data has been discovered on the dark web. As they navigate the severe cyber, operational, and strategic risks associated with insider threats, participants must make critical decisions under uncertainty to mitigate the impact of the breach. By leveraging crisis management knowledge, communication skills, and strong situational awareness, participants can effectively respond to the evolving crisis posed by insider threats. The simulation aims to enhance decision-making skills, judgment, and the ability to manage cybersecurity risks stemming from insider actions, preparing participants to address data leaks and safeguard business integrity in the face of internal threats. | Insider threat |
Scenario Template – DDoS Attack | In this distributed denial of service (DDoS) attack simulation scenario, participants take on the role of employees at a company in the X sector facing significant operational disruption due to a surge in network traffic on customer servers. As they encounter severe cyber, operational, and strategic risks arising from the attack, participants must make critical decisions under pressure, often with limited information, to mitigate the impact of the incident. By leveraging crisis management knowledge, communication skills, and situational awareness, participants can effectively respond to the evolving crisis posed by the DDoS attack. The simulation aims to enhance decision-making skills, judgment, and the ability to manage cybersecurity risks during high-impact scenarios like DDoS attacks, preparing participants to safeguard business operations and mitigate disruptions caused by cyberattacks. | DDoS |
Scenario Template – Ransomware | In this ransomware attack scenario, participants are placed in the role of employees at a company in the X Sector industry that has experienced system shutdowns due to a ransomware incident. Faced with severe cyber, operational, and strategic risks resulting from the attack, participants must make critical decisions under pressure, using limited information to mitigate the crisis's impact. By applying their knowledge of crisis management plans and procedures, leveraging situational awareness and communication skills, participants work to address the evolving ransomware attack effectively. The simulation aims to enhance decision-making skills, judgment, and the ability to manage the complexities of cybersecurity incidents, preparing participants to respond decisively to ransomware threats and protect their organization's operations and data integrity. | Ransomware |
Scenario Template – Zero-Day Attack | In this zero-day vulnerability scenario, participants take on the role of employees at a company in the X Sector industry facing the impact of a zero-day vulnerability on one of their main systems. With the need to balance operational downtime and system restoration, participants must make critical decisions under uncertainty to mitigate severe cyber, operational, and strategic risks arising from the incident. By demonstrating an understanding of crisis management plans and procedures, applying communication skills, and employing situational awareness, participants navigate the challenges presented by the zero-day vulnerability effectively. The simulation aims to enhance decision-making skills, judgment, and the ability to manage the complexities of cybersecurity incidents resulting from zero-day vulnerabilities, preparing participants to respond swiftly and effectively to emerging security threats. | Zero Day |
Ransomware Template Scenario | A suspected ransomware attack has crippled [INSERT COMPANY NAME HERE]'s network, encrypting critical data and threatening its public release. As a key player in the [INSERT INDUSTRY TYPE HERE] industry, you must navigate this crisis, making rapid decisions with limited information to mitigate severe cyber, operational, and strategic risks. The threat actor is demanding a ransom, and stolen data may appear on their public leak site, forcing you to balance data recovery with reputational damage. | Ransomware |