How crisis simulators can revolutionise crisis response
Evie Lunn speaks to Maria Torres, Head of Customer Relations at Conducttr, about the key features of the crisis simulation platform and its significance in reducing risks associated with cyberattacks and other crises
Image: Adobe Stock | La Cassette Bleue
In today’s rapidly evolving digital landscape, organisations face increasing challenges when it comes to crisis response to cyberattacks. There is a new attack on the web every 39 seconds, costing the world £4.8 trillion in 2022 alone. This figure is expected to increase to £8.4 trillion by 2025. With such overwhelming statistics, fighting this invisible enemy can feel impossible. But the truth is that 95 per cent of all data breaches are the result of human error. The issue, then, isn’t necessarily the cyberattacks themselves. It is the failure to respond effectively and efficiently to such hazards that creates the crisis.
Maria Torres, Head of Customer Relations at Conducttr, spoke to me about how organisations need to be well prepared for such events. A common hurdle is the lack of comprehensive and realistic practise exercises. As a result, many organisations take a compliance-oriented tick-box approach, meaning that no one is fully prepared when a real crisis actually hits and a ‘rabbit-in-the-headlines’ situation unfolds.
"Most organisations face the challenge that their exercises aren’t realistic or engaging enough," Torres says. "That means that in the moment of need, nobody actually knows what to do or how to interact with other departments. The effect is that incidents often escalate too quickly to more senior leaders, wasting their time and productivity, and the incident isn’t resolved as quickly as possible."
The answer to this problem could lie in crisis simulation programmes, which are already playing a crucial role in training teams and enhancing their crisis response capabilities. These innovative tools allow organisations and individuals to rehearse crisis scenarios in a controlled environment, enabling them to develop effective response strategies, enhance decision-making capabilities, and ultimately reduce risk.
Torres explains how Conducttr offers a solution: it is a crisis simulation programme that offers a realistic immersive environment and creates interactive, engaging exercises crafted for those working in the corporate, defence, or humanitarian sectors. The idea is to provide users with a first-person perspective on an unfolding crisis, where they can practise responding to scenarios like cyberattacks, natural disasters, or even a kidnapping and ransoming situation. By empowering first-line responders, Conducttr helps organisations respond to crises with confidence across a wide range of simulated channels, like emailing, instant messaging, or social media. At the end of each exercise, participants are instantly provided with a report that reviews their performance, so that lessons learned during an exercise can be applied directly to a real-life incident. The invaluable insights gained from the platform enable organisations to adapt their strategies, benchmark their performance, and foster a proactive approach to risk mitigation.
Conducttr provides users with a realistic rehearsal of an overwhelming and stressful environment so that they can practise decision-making skills and see the consequences of their actions in real-time. From disabling viral social media posts to addressing co-ordinated cyberattacks, these simulations help businesses identify vulnerabilities, refine their incident response plans, and build resilience against future threats in a risk-free but realistic environment.
Successful crisis response hinges on effective teamwork, communication, and collaboration. Conducttr recognises this, and positions the critical role of human interaction in crisis management at the forefront of the software.
Torres emphasises that Conducttr’s software is purpose-built to train teams: "Responding successfully to a crisis is about teamwork, and great teamwork means communication and collaboration. Our software is designed from the bottom up to train teams so that human interaction is [...] core to what we do."
Furthermore, Torres suggests that simply raising awareness about cybersecurity risks is insufficient for crisis response preparation. Employees must have a comprehensive understanding of the consequences of their actions, and the best way to do this is through interactive training that demonstrates the effects of not adhering to policy.
It has never been more important for businesses to be prepared and responsive in the face of adversity, especially when facing an environment that is constantly evolving and where a strike can take place with little to no warning.
Ultimately, crisis simulation platforms provide a means to navigate the complex and unpredictable landscape of this technological epoch. They offer a transformative approach to risk reduction, ensuring that organisations are vigilant in their risk management strategies and prepared for the challenges presented by an ever-evolving era of digital influence.
Maria Torres is hosting a session titled Cyber-attack live exercise – will you save the day? at this year’s Risk-!n conference. Register for the event here.