Cybersecurity crises refer to incidents impacting the confidentiality, integrity and/or availability of one or more of an organization’s assets.
Cyber crises tend to be attributed to human action, whether deliberate, such as cyber attacks (malware, social engineering, denial of service, etc.), or accidental, as in cases of insider negligence. However, crises can often also be caused by natural disasters such as flooding or hurricanes that impact asset availability.
Cyber crisis management plans are developed by organizations to manage a cyber incident before, during and after it occurs. They will generally contain elements of incident response and disaster recovery, with the aim of reducing downtime of core systems, managing the regulatory and reputational impact as quickly as possible and ensuring business continuity. At the most granular level, organizations must prepare tactical playbooks with instructions on how to handle each likely incident type.
What is a cyber crisis exercise?
A cyber crisis exercise is essentially a live simulation of crisis scenarios organizations are likely to face. The staff who would be responsible for handling cyber crisis incidents per the crisis management plan are put to the test and tasked with leveraging the technology and processes (e.g. playbooks) at their disposal to resolve the incident to the best of their ability while causing minimal impact to their organization.
During a simulation workshop, staff access a web platform where the crisis scenario is explained, and different questions are asked pertaining to how they would act at each stage of the crisis. A set of response options is provided, to be selected by participants. Each response requires justification and leads to a new set of actions. Responses are then evaluated according to a set of performance metrics which the organization is interested in tracking. These can range from their adherence to playbooks and collaboration between different teams or team members, to how their actions impact the organization’s share value or brand reputation.
Exercises can and should include any and all staff that would in some way be involved when an organization is dealing with a cyber crisis, starting from technical teams such as SOC analysts and IT, through cybersecurity and crisis management as well as adjacent teams such as Legal and Communications, and up to strategic decision-makers such as the organization’s C-level employees. These should all be able to coordinate and collaborate effectively during a crisis, which requires practice and testing through regular exercising.
Before an exercise workshop takes place, Mastercard’s Advisors will evaluate the organization’s threat landscape and collaborate with its cybersecurity management team in order to create a likely cyber crisis scenario and tailor it to the organization’s day-to-day operations. This ensures exercise participants build readiness and muscle memory for future incidents with a high probability of occurring, while also being tested under familiar conditions. While preparing the scenario, Advisors will rank the response options provided for each question from best to worst according to company playbooks and their own industry expertise.
During the workshop itself, Advisors will present and launch the scenario, with participants engaging through a web platform. They will observe and evaluate participant performance, relating not only to responses given at each stage of the crisis but also to collaboration with other team members and the ability to operate under stress.
After running the crisis exercise workshop, Mastercard’s Advisors will hold a debrief session to highlight initial key strengths and areas of improvement from the simulation. Once participant responses and performance metrics are analyzed, Advisors will provide a deliverable report containing the following: