Building Cyber Resilience – Audit, Crisis Procedures and Training

Context

A major company in the catering and food distribution sector asked Alcyconie to strengthen its preparedness for cyber crises by structuring the organization within the IT department.

Objectifs

• Identify the level of maturity of the cyber-based crisis system and the deviations from the state of the art;
• Structure and formalize the organization of the IT department in the face of a crisis of cyber origin;
• To have a complete and operational documentary base that can be mobilized in an emergency in the event of a crisis;
• Test the appropriation of crisis procedures and any necessary adjustments through a crisis exercise;
• Illustrate the need to also involve the decision-making crisis unit and subsidiaries in this dynamic of strengthening cyber resilience.

Mission Description

The mission took place in 3 distinct phases:

• Over 6 weeks, audit and familiarization of the client’s existing situation provide a clear vision of the client’s level of maturity and needs from a crisis documentation point of view. This audit phase was characterized by the analysis of the documentary corpus and the conduct of interviews with key crisis management functions.
• The conclusions of the audit phase were materialized through the optimization of the existing crisis system through the drafting of reflex and organizational sheets (composition of the CIO crisis unit, roles and missions of each function, etc.).
• The third and final phase was the realization of a crisis exercise for the benefit of the IT crisis unit with a scenario impacting the production system of one of the subsidiaries.

Challenges and specificities

Succeed in promoting, within the procedures, the central role of the group’s IT department in incident response in the event of a cyber crisis, taking into account the relative autonomy and independence of certain subsidiaries.

Alcyconie’s added value expertise

• With their experience in preparedness and hot crises, Alcyconie consultants have succeeded in combining the need to formalise crisis organisation with operational documentation: too often, crisis procedures meet regulatory requirements and sectoral standards and lose the effectiveness necessary to be used in a degraded situation.
• Identification of an exercise scenario including the OT (Operational Technology) part in order to make the IT department team aware of the complexity of addressing cyber crises impacting the production chain.