Background
Seeking to build and demonstrate crisis response maturity, Battleground was engaged to conduct, essentially the same ransomware scenario exercise over 2 separate sessions, with the difference being an increased level of complexity on the second occasion.
Implementation
The initial exercise Battleground focussed on management response to the ransomware attack, including ASX notification, invocation of Business Continuity Plans and government interaction as an operator of critical infrastructure. In the second iteration the Board were actively engaged through simulated Full Board and Sub Committee meetings in relation to the decision regarding payment of ransomware.
Results
Strengthened executive crisis capability that was demonstrated to the Board. Experience in establishing effective communications and operating rhythm between executive and Board and increased clarity in relation to the Board posture concerning the response to a major cyber incident.