We employ only highly experienced A-teams with extensive nation-state level cyber warfare backgrounds, offensive and defensive capabilities, and decades of incident response experience. Our teams are able to out-think, out-maneuver and outpace attackers.
The first 24-48 hours are critical in the battle against attackers. Quick, precise, and well-informed decisions are essential. You don’t want to be thinking about how to react during a real crisis: you need to know how to react.
Sygnia’s Tabletop Wargames are designed to strengthen the cyber security awareness and ability of corporate leadership to guide the organization through a major cyber crisis. They enable leadership to understand the typical flow of an incident, roles and responsibilities in a crisis, and stress-test key processes while tackling complex challenges.
Sygnia leverages extensive front-line experience responding to major, heavy-weight cyber attacks, to create realistic attack scenarios that generate pragmatic takeaways for our clients. Sygnia offers several types of wargames, each tuned to the needs and alignment of different leadership teams in the organization:
- Risk-based decision making
- Roles and responsibilities
- Leadership in a crisis
- Fiduciary responsibilities
- Protecting and recovering IT systems in alignment with business priorities
- Ransom negotiation and payment
- Public and regulatory disclosure
- Making decisions with partial visibility and incomplete forensic evidence
- Internal and external communications
- Brand and reputational risk
A HIGH-IMPACT LEARNING EXPERIENCE IN JUST 2-3 HOURS
Wargames are performed as deep-dive tabletop exercises mimicking a major cyber security incident. They are led by Sygnia experts with extensive experience in helping organizations prepare and respond to some of the world’s most sophisticated and dangerous threat groups. The Sygnia team guides participants through a major incident as it would unfold in the company’s IT infrastructure, and provides options and decision-making opportunities at each step, as well as a set of possible outcomes. The wargames focus on agreed-upon high-impact scenarios that are aligned with both current threat trends, and the client’s security and technology environment.
Sygnia focuses heavily on techniques that increase participant engagement so that all stakeholders gain value from the exercise. Participants are required to address the major aspects of a heavy-weight attack, including investigation, containment, remediation, recovery, and managing the negative impact on the business. The wargames are designed to run for two to three hours, providing participants with a high-impact learning experience. Decision points and exercise details are tailored to accommodate the different needs and focus areas of each leadership level within the organization.
Upon conclusion of the exercise, Sygnia holds a debrief discussion with the client to jointly identify key strengths and opportunities for improvement. An action list is prepared to guide the organization going forward.
THE SYGNIA ADVANTAGE
Sygnia’s incident response methodology encompasses parallel execution of the wide variety of activities needed to deal with an attack: investigation and forensics, containment, tactical negotiation, remediation & recovery, executive crisis management, litigation support, and post-breach monitoring.
Breaking Down the Casbaneiro Infection Chain
The Casbaneiro banking trojan targets financial organizations to steal user data for financial gain. Get a detailed “attacker fingerprint”.
Breaking Down the Casbaneiro Infection Chain – Part II
Since 2018, the Casbaneiro banking trojan has targeted Latin American financial sectors. Sygnia monitors it closely as a major threat to multi-regional financial organizations.