Despite efforts by organizations of all sizes to maintain a tight security posture across networks and systems, cyber intrusions still occur. Ensuring that your business can effectively detect and responds to cyber incidents is essential to maintaining a resilient cyber defense for today’s and tomorrow’s threats.
Cyber security exercises
KPMG cyber security exercises focus on what comes after the point of compromise and how your organization works together to resolve a cyber incident. Every exercise scenario is indicative of real-world attack scenarios, custom tailored to each organization, and designed to test the areas most critical to your organization. These simulations give a distinct opportunity to gain insights into the strengths and deficiencies in people, processes, and technology you rely on to detect and respond to cyber incidents.
We deploy a global multi-disciplinary team that leverages KPMG’s extensive background in investigating cyber intrusions from hacktivists, insiders, organized crime groups, and advanced persistent threats. We are also able to combine our intelligence-driven adversary simulation with a digital forensic and incident response evaluation of your network defenders to holistically assess your organization’s readiness to a cyber incident.
An approach that fits every maturity level
KPMG’s approach is based on industry-leading practices for developing and running cyber security exercises. We work with you to understand your threat profile, determine the right exercises to develop, and tailor a delivery approach. We work with clients of all maturity levels and deliver exercises in a variety of formats:
Participants representative of the stakeholders for a specific cyber incident are brought together for a discussion-based exercise. Facilitators walk the group though an incident in stages, presenting key decision gates throughout the process. The group works together to make the decisions throughout the exercise scenario.
A realistic simulation is staged, and participants are grouped into an attacking team and a defending team. The facilitators conducting the purple team exercise work cooperatively with the fully informed defending team, who must detect and respond to the simulated attacks.
An attacking team conducts the exercise without giving prior warning to the defending team. The facilitators conducting the red team exercise have no direct contact with the incident response team, except for a few trusted insiders.
We evaluate your defense and response capabilities together
Using the same tactics as adversaries in a safe and controlled manner, we help your organization: