Advisory Services
CAP provides advisory services to leaders & planning teams, assisting them in unravelling the reputational and financial ramifications of significant cyber attacks. We address planning challenges such as impact assessment, leadership accountability, decision-making, third-party support, insurance and rapid IT service recovery. Additionally, we aid in establishing an effective exercise and testing regime, including scenario walkthroughs, exercises, and simulations.
Getting started
The organisation's approach to response and recovery.
Reviewing existing artefacts (plans & playbooks) and response/recovery service providers.
Recommended artefacts and their maintenance.
Life during wartime – considerations for response and recovery without enterprise IT systems.
Understanding the impact
It is probably much worse than you may think.
Defining scenarios and gathering consensus.
Mapping impacts to functional accountabilities.
Considerations for Quantitative Risk Analysis (QRA) development.
Defining functional executive & board accountabilities
Roles & responsibilities of leaders in planning and during an incident.
Identifying tasks and decisions for all executives and the board during response and recovery.
Achieving consensus using the agreed scenario/s.
Advantages in planning for organisations regulated by the BEAR and FAR accountability regimes.
Exercises & simulations
Any plan is only as good as it’s last test.
Facilitation of guided walkthroughs, functional exercises and full simulations.
Developing an effective exercise & simulation programme.
Building “muscle memory” for all accountable function teams
Optimising the effectiveness of insurance
...and addressing capability gaps for organisations without insurance.
Benefits & potential pitfalls of cyber insurance.
Review of appropriateness of policy based on organisation-defined impacts.
Building the most effective supplier response & recovery panel.
Rapid Service recovery
Excellent response becomes meaningless if you can’t recover IT systems in time.
Defining critical IT services and the order of recovery.
Recovery of critical IT services with enterprise IT services unavailable/compromised.
Calculating Actual Recovery Times (RTA) for complex multi-system recovery.
Leadership Awareness Enhancement
Many leadership teams and boards underestimate the gravity of cyber incidents. We guide them through enlightening walkthroughs, exercises, and simulations, ensuring continuous improvement as artifacts are developed and tested.
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Amet volutpat consequat mauris nunc. Proin sagittis nisl rhoncus mattis rhoncus urna. At lectus urna duis convallis convallis tellus id.
Mattis nunc sed blandit libero volutpat sed. Tristique et egestas quis ipsum suspendisse ultrices gravida dictum fusce. Ullamcorper morbi tincidunt ornare massa eget egestas purus viverra accumsan. Velit aliquet sagittis id consectetur. Congue eu consequat ac felis donec et odio pellentesque diam. Et pharetra pharetra massa massa. Integer quis auctor elit sed vulputate. Massa tincidunt nunc pulvinar sapien et. Lacus suspendisse faucibus interdum posuere lorem ipsum dolor sit. Tempus quam pellentesque nec nam aliquam sem et tortor consequat. Sagittis vitae et leo duis ut diam.
Tincidunt arcu non sodales neque. Sed elementum tempus egestas sed sed risus pretium. Eu mi bibendum neque egestas congue quisque egestas diam in. Feugiat vivamus at augue eget arcu dictum varius. Duis ut diam quam nulla. Arcu dui vivamus arcu felis bibendum ut tristique. Consequat nisl vel pretium lectus. In vitae turpis massa sed elementum tempus. In iaculis nunc sed augue lacus viverra vitae. Nec sagittis aliquam malesuada bibendum arcu vitae elementum. Ut porttitor leo a diam sollicitudin tempor. Vitae et leo duis ut diam. Accumsan lacus vel facilisis volutpat est velit egestas dui id. Cras tincidunt lobortis feugiat vivamus. Malesuada pellentesque elit eget gravida.
Mapping Responsibilities
Who should be involved in Cyber Organisational Response & Recovery planning and execution within your organisation? We help map out CORR functions, ensuring clear lines of responsibility.
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Amet volutpat consequat mauris nunc. Proin sagittis nisl rhoncus mattis rhoncus urna. At lectus urna duis convallis convallis tellus id.
Mattis nunc sed blandit libero volutpat sed. Tristique et egestas quis ipsum suspendisse ultrices gravida dictum fusce. Ullamcorper morbi tincidunt ornare massa eget egestas purus viverra accumsan. Velit aliquet sagittis id consectetur. Congue eu consequat ac felis donec et odio pellentesque diam. Et pharetra pharetra massa massa. Integer quis auctor elit sed vulputate. Massa tincidunt nunc pulvinar sapien et. Lacus suspendisse faucibus interdum posuere lorem ipsum dolor sit. Tempus quam pellentesque nec nam aliquam sem et tortor consequat. Sagittis vitae et leo duis ut diam.
Tincidunt arcu non sodales neque. Sed elementum tempus egestas sed sed risus pretium. Eu mi bibendum neque egestas congue quisque egestas diam in. Feugiat vivamus at augue eget arcu dictum varius. Duis ut diam quam nulla. Arcu dui vivamus arcu felis bibendum ut tristique. Consequat nisl vel pretium lectus. In vitae turpis massa sed elementum tempus. In iaculis nunc sed augue lacus viverra vitae. Nec sagittis aliquam malesuada bibendum arcu vitae elementum. Ut porttitor leo a diam sollicitudin tempor. Vitae et leo duis ut diam. Accumsan lacus vel facilisis volutpat est velit egestas dui id. Cras tincidunt lobortis feugiat vivamus. Malesuada pellentesque elit eget gravida.
Post-Incident Clarity
After an attack, it's crucial to determine who's responsible for what. Our Cyber Accountability Workshops establish executive accountabilities and key decisions for all CORR stakeholder teams.
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Amet volutpat consequat mauris nunc. Proin sagittis nisl rhoncus mattis rhoncus urna. At lectus urna duis convallis convallis tellus id.
Mattis nunc sed blandit libero volutpat sed. Tristique et egestas quis ipsum suspendisse ultrices gravida dictum fusce. Ullamcorper morbi tincidunt ornare massa eget egestas purus viverra accumsan. Velit aliquet sagittis id consectetur. Congue eu consequat ac felis donec et odio pellentesque diam. Et pharetra pharetra massa massa. Integer quis auctor elit sed vulputate. Massa tincidunt nunc pulvinar sapien et. Lacus suspendisse faucibus interdum posuere lorem ipsum dolor sit. Tempus quam pellentesque nec nam aliquam sem et tortor consequat. Sagittis vitae et leo duis ut diam.
Tincidunt arcu non sodales neque. Sed elementum tempus egestas sed sed risus pretium. Eu mi bibendum neque egestas congue quisque egestas diam in. Feugiat vivamus at augue eget arcu dictum varius. Duis ut diam quam nulla. Arcu dui vivamus arcu felis bibendum ut tristique. Consequat nisl vel pretium lectus. In vitae turpis massa sed elementum tempus. In iaculis nunc sed augue lacus viverra vitae. Nec sagittis aliquam malesuada bibendum arcu vitae elementum. Ut porttitor leo a diam sollicitudin tempor. Vitae et leo duis ut diam. Accumsan lacus vel facilisis volutpat est velit egestas dui id. Cras tincidunt lobortis feugiat vivamus. Malesuada pellentesque elit eget gravida.