DeepSec 2023 Tech Track Workshop: Tabletop Exercise/War Games – Julian Botham & Aron Feuer
The objective of an tabletop exercise is to assess and enhance an organization’s preparedness and executive decision-making protocols in the event of a ransomware attack. The exercise will simulate a ransomware attack on critical systems, culminating in encrypted files and a ransom demand. Participants will role-play as C-suite executives, IT security managers, legal advisors, and the public relations team.
The exercise will cover key activities, such as initial incident identification, activation of the incident response team, internal and external communication protocols, decision-making concerning ransom payment, coordination with law enforcement, system recovery and restoration, and post-incident analysis.
We asked Julian and Aron a few more questions about their tabletop exercise.
Please tell us the top 5 facts about your talk.
- The average ransom in 2023 is $1.54 million, almost double the 2022 figure of $812,380
- Ransomware attacks have risen by 13 percent in the last five years, with an average cost of $1.85 million per incident
- According to research by NordLocker, the country most affected by ransomware in 2021 was the USA.
- The United States, which held the first place with 732 cases last year, is followed by the United Kingdom with 74 attacks and Canada with 62 incidents.
- Our event will allow participants to feel as though they are in a real incident, and experience the “fog of war”.
How did you come up with it? Was there something like an initial spark that set your mind on creating this talk?
We conduct ransomware simulations for executives across Canada, we thought it would be fun to allow conference goers the opportunity to experience what it’s like to experience the “fog of war” which is felt during an incident.
Why do you think this is an important topic?
As ransomware continues to ravage the cybersecurity community, it is prudent to practice and be ready for the next incident at any moment.
Is there something you want everybody to know – some good advice for our readers maybe?
We will be handing out placemats for participants to bring home to use to better their cybersecurity posture and prevent ransomware attacks!
A prediction for the future – what do you think will be the next innovations or future downfalls when it comes to your field of expertise / the topic of your talk in particular?
Ransomware will continue to be profitable for the foreseeable future. Using tabletop exercises will allow us all to better prepare for the possibility of a ransomware attack.
By day, Julian works as a penetration tester hunting vulnerabilities to exploit. By night, Julian is a researcher and journalist focused on Russian cyberspace. Using his OSINT skills, Julian uncovers emerging threats to the Western world.
Aron is Valencia’s Chief Executive Optimist. A former hacker, he is active in audit, risk, and breach response.He’s responded to multimillion-dollar breaches by Lockbit and Anonymous, built classified apps, run hundreds of assessments & simulations. He’s the co-author of Canadian Privacy-Data Protection Law and Privacy, chair of Algonquin College’s security advisory board, media and conference speaker.