Immersive Labs is offering a cyber resilience exercise for financial services firms. The exercise is backed by the Cross Market Operational Resilience Group (CMORG) and open to anyone in the financial sector. It is this open access to the entire sector that makes this announcement interesting. It will be interesting to see how many firms take the opportunity to test their cyber resilience.
James Hadley, CEO of Immersive Labs, said, “As recent attacks have shown, cyber crisis response is now everyone’s business. The entire workforce has to swing into action, acting as a coordinated mechanism to mitigate reputational, financial, technical and regulatory risk.”
“Running the exercise on the Immersive Labs platform will help CMORG offer the entire sector the opportunity to baseline and understand this coordinated response to improve knowledge, skills and judgement.”
What is Immersive Labs making available?
Immersive Labs has built the exercise to run on its Cyber Crisis Simulator (CCS). It already has several other exercises using the same technology, so adding the financial services exercise made sense.
According to the press release: “The simulation centres around the discovery of malware from an advanced adversary which has gained access to a fictional organisation’s systems after exploiting commonly used software. The aim is to help decision-makers in risk, operations, communications, regulatory and technical teams test their knowledge, skills and judgement in the face of a plausible, but theoretical, cyber attack. “
By choosing a proven example of an attack, this simulation will allow cyber security teams to apply any lessons directly to their local environments. Importantly, however, this is not just about the technical teams. It is designed to engage the senior management teams.
It gives senior decision-makers an opportunity to realise just how quickly such attacks develop and the complexity of dealing with them. Too many companies rely on tabletop exercises. The problem with these is that they are rarely attended by all parties involved.
While companies focus on the internal staff during an attack, they ignore, at their peril, the need to engage legal, media teams and external advisors. Using the Immersive Labs CCS, they can have those partners take part from their own desks. It will deliver, for many, the first true test of their cyber resiliency response plans and expose gaps. It is an opportunity to get those gaps quickly addressed. How quickly, however, will depend on the company and regulatory oversight.
Enterprise Times: What does this mean?
This is a good move by Immersive Labs and CMORG. It brings a proven simulation platform with exercises and an experienced operator to the financial markets. These are companies that do regular stress testing over a wide range of scenarios. Adding the CCS as one of the platforms they use should pose no real challenges. The most important thing here is that it will give many of these firms a chance to test their cyber resiliency plans in their entity.
Another benefit here is that Immersive Labs has become a major player in the cyber security training market. It has forged several key alliances to deliver cybersecurity training. One of those organisations is TechVets which seeks to bring military veterans to the cyber security market.
Financial services firms are among the most attacked of any industry sector. Building relationships with organisations like Immersive Labs will help them improve the training of their staff. It also means they will understand the key competencies acquired by anyone with experience of the Immersive Labs platform. That should, hopefully, make future recruitment a little easier.