Exercise in a Box workshop: phishing & ransomware

Written by: Gillian Colan-O'Leary on Oct 14, 2021

Anne nygard viq9 Ztqi3 Vc unsplash

We recently ran a practical workshop in partnership with Pinsent Masons - here's what happened!

What is Exercise in a Box?

Exercise in a Box was developed by the National Cyber Security Centre (NCSC) as a self-use tool to help organisations test and practise their internal response to a range of cyber issues in a safe environment.

The online tool helps organisations find out how resilient they are to cyber attacks and practise their response in a safe environment. It recreates real world business scenarios and tests cyber resilience in each scenario.

EIAB asset 1

What happened at this workshop

This was a practical workshop where Vertical Structure and Pinsent Masons facilitated the scenario of a phishing attack (when attackers attempt to trick users into doing 'the wrong thing', such as clicking a bad link) leading to a ransomware infection, preventing you from accessing your computer (and the data that is stored on it).

We ran this session because, in our experience, although companies can walk themselves through NCSC’s tool at any time, we’ve found that many businesses need a bit of help and direction to make the most of this tool.

Simon Whittaker, CEO Vertical Structure

Who took part

We had individuals who were not from a technical background, as well as those who worked within the IT department of their organisation. This was a great way to engage other areas of business on cyber threats.

The organisations included large manufacturing organisations, tech startups, management companies and the public sector.

Screenshot 2021 10 14 at 10 59 46

We were delighted to partner with Pinsent Masons on this session.

Pinsent Masons is a purpose-led, professional services business with law at the core. The specialist Belfast cyber team has helped clients with all manner of cyber breaches – from single device incidents locally to ransomware attacks on international corporations. The team shared their experiences and gave top tips on preventing a breach, and also managing one, if it occurs.

You can download details of their Cyber Crisis hotline here and their Ransomware - 5 Key Takeaways here.

Ransomware is a very real and current threat to businesses in every sector and of every size. Not only do ransomware attacks threaten business continuity and the confidentiality of commercial and personal information but also customer and staff confidence. The Pinsent Masons team support clients when considering whether to engage with threat actors, as well as the legal issues such as notification to the ICO, data subjects and managing follow on claims as well as engagement with law enforcement. It was great to be able to spend time with the delegates, considering how their organisations would respond in the face of an attack.

Laura Gillespie, Partner at Pinsent Masons

Exercise in a Box - Digital Supply Chain 25th November

Our next Exercise in a Box session will focus on how to review and refine your contingency plans if a cyber attack were to occur within your digital supply chain. You can register here.

Need help?

Email Us
email hidden; JavaScript is required

Or send us a quick message

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.