Businesses today are forced to navigate a perilous landscape of cyber-threats, characterised by the increasing frequency and sophistication of cyberattacks. The financial repercussions are staggering, with the average cost of a data breach reaching millions of dollars.
According to IBM’s “Cost of a Data Breach Report 2024”, the global average cost in 2024 was $4.88m (R88.6m), a 10% increase over the previous year and the highest total yet.
Beyond monetary losses, the erosion of customer trust and brand reputation can be irreparable. As cyber-threats evolve, businesses must prioritise robust cybersecurity measures to safeguard their assets and ensure resilience in the face of this ever-present danger.
However, despite the increasing threat of cyberattacks, many organisations still lack effective controls and incident response plans, nor do they have the “muscle memory” gained from having faced and overcome a previous cyberbreach.
This is where the value of a ransomware attack simulation becomes apparent, as it is a crucial component in helping to prepare organisations for effectively responding to cyber-incidents. The insights gained from these simulations and training sessions can help enterprises adopt a “survival time objective” mindset, which focuses on the key metrics of time to detect, time to respond and time to recover.
Challenges and critical decision points
These training events typically see participants experience a simulated cyberattack in small groups, taking on roles in the leadership team of a fictional company during a ransomware negotiation. Participants are faced with challenges and critical decision points as they choose their response plans against the backdrop of a crafted story based on known network breaches that have hit some of the biggest global companies.
This approach, along with developing a robust response plan, can significantly enhance an organisation’s cyber-resilience and facilitate continuous business operations as it emphasises the growing need for businesses to deal proactively with the threat of ransomware and cyberattacks.
Ransomware attack simulations force executives to ask themselves critical questions when facing a breach, such as how to respond and what the plan of action should be. The key objective of a simulation is to empower businesses and help them adopt the right mindset when it comes to addressing cyber-threats.
Not only do the insights gained from simulation exercises help organisations better prepare for and respond to incidents, but they also distinguish disaster recovery from cyber-recovery, underscoring the importance of developing a tailored approach to cyber-resilience, rather than relying solely on traditional disaster recovery plans.
Lessons for real-life scenarios
Simulations are designed to help participants understand the perspectives and decision-making processes of the four key personnel involved: the CEO, chief technology officer, chief information security officer and legal counsel.
Simulations prompt participants to consider the critical statements, objectives and outcomes they would need to identify when engaging with real-life threat actors. This includes weighing the decision to negotiate, potentially involving a third-party negotiator, and ultimately determining whether to pay the ransom or rely on the organisation’s own cyber-resilience and trust in deployed technologies.
Essentially exposing executives to these advanced cybersecurity tools and strategies, simulations aim to give each persona the confidence to develop a comprehensive cyber-resiliency plan and take the necessary actions to protect their organisation.
This holistic approach to simulations, combining decision-making processes and practical cybersecurity solutions, helps prepare executives to effectively respond to and recover from real-world ransomware and cyberattacks, ultimately enhancing an organisation’s overall cyber-resilience.
• Brown is country manager at Commvault, a cybersecurity platform





