Frequently Asked Questions
Before the crisis
It is possible to anticipate and prepare for a crisis.
What can you do to avoid becoming a victim of a cyberattack?
In addition to the technical means of protection, which are generally the first that come to mind, it is necessary to develop a resilient structure to reduce this risk and its impact. This includes raising awareness among teams through training or cyber crisis management exercises, among other measures. At the same time, it may be wise to identify the different risk scenarios and weak signals within the company, in order to set up alert procedures adapted to them. It is also recommended to control your digital footprint and apply the IT hygiene rules recommended by the ANSSI.
How to prepare for a cyberattack?
Preparing to deal with a cyberattack involves working on three fronts:
1- Preparing for your crisis organization through the implementation of a dedicated system
Managing a crisis requires a specific organization that must be prepared in advance. This organization includes the creation of a dedicated body of documentation describing the roles and responsibilities of each person (RACI, sheets by function), indicators for assessing the passage into a crisis, procedures for managing specific situations, documents useful for decision-making such as risk mapping, and operational tools (checklists, impact analysis templates, useful contacts…). Alcyconie supports you in the implementation and updating of your crisis system, by providing an expert perspective from our field experience.
2- Theoretical training in crisis management
Training in crisis management allows you to better understand the mechanisms at work in the unfolding of a crisis and in its management, and to acquire a general theoretical basis of crisis management as well as a set of good practices. While the training obviously concerns the crisis unit, it is also wise in the context of cyber and digital crisis preparedness to specifically train the functions that will be involved: communication teams, lawyers, IT / SOC teams.
3- Training and practice through exercises
Theoretical training allows you to learn good practices and your crisis system; practice transforms them into reflexes. It is important to test the crisis system you developed previously in exercises that are more practical than the training and complementary to it. These are crisis simulation exercises, useful for adopting the right methodological and operational reflexes. Because they are led by specialists, these exercises also give you their points of view, which helps increase the skills of your teams on these themes.
What does a cyber crisis management exercise consist of?
A crisis management exercise consists of a crisis simulation of varying duration (from a few hours to several days) and in which, depending on the objectives set, the decision-making crisis cell and/or the operational units or even external actors participate.
Depending on the objectives defined together and the maturity of the participants, it is possible to set up more or less immersive formats:
– Either in the form of a “tabletop exercise”, which allows a scenario to be carried out orally and to discuss the course of action to be taken, the potential impacts and possible sticking points;
– Or in the form of a simulation exercise, where the members of the crisis cell are immersed in a real situation to make decisions and interact directly with other actors (simulated by our team), as they would in a crisis situation.
In both cases, our exercises are the subject of preparatory work carried out by our consultants to create scenarios that are very close to a crisis in real conditions. Alcyconie’s exercises, tailor-made for each of our clients, are recognized for their realism: 98% of respondents after participating in our exercises rated them as “extremely realistic”. This guarantees a real immersion for players, and all internal procedures can be tested there. Finally, the players often derive real operational value from these exercises thanks to the feedback provided by the exercise leaders.
To go further, read our article Crisis exercises, an essential step to save precious minutes on D-Day, also published in Global Security Mag.
Who should be trained in cyber crisis management?
We take into account the managerial evolution of cyber crisis management and offer training and practice that are aimed at the entire organization, not just the CISO. Indeed, cyber and digital crises require multidisciplinary and cross-functional management. Due to the diversity of the players involved (CISO, HR, communication, legal, business, infrastructure and applications, etc.), the cyber crisis is breaking free from organizational silos by impacting all levels of the organization and must therefore be thought out and prepared collectively.
When to set up a crisis unit?
– Regularly to maintain the right reflexes and maintain its crisis management system in operational conditions;
– When new resources are added to the crisis management unit;
– During a reorganization or organizational changes;
– In the event of a change in the environment: increase or modification of risks, structural change.
Training, exercise, awareness-raising, what format for what objectives?
Training and practice in crisis management must be designed in line with the objectives sought. These can be diverse and must be precisely framed, with the expert eye of Alcyconie’s consultants: testing existing systems, raising awareness among all employees or members of the crisis unit of the fundamentals of crisis management, training lawyers or communicators on specific subjects, facilitating exchanges on issues so that joint solutions emerge, etc.
We create convincing and realistic scenarios that take into account both the technical management of the incident and the managerial dimension.
Our objective: to train you to manage all IT and cyber crises: Ransomware and/or data leaks, major IT incidents, loss of Data Centers impacting your organization or one of your outsourced service providers, etc.
How does a cyber crisis management exercise work?
Training and practice in crisis management must be designed in line with the objectives and maturity of the organization concerned. These can be diverse and must be precisely framed, with the expert eye of Alcyconie’s consultants: testing existing systems, raising awareness among all employees or members of the crisis unit of the fundamentals of crisis management, training lawyers or communicators on specific subjects, facilitating exchanges on issues so that joint solutions emerge, etc.
Through a scenario prepared in advance and adapted to the specificities of your company and the objectives identified, your employees participating in the exercise will be immersed in a realistic scenario of cyberattack or major IT malfunction, tailor-made to be as close as possible to your challenges and your IS. As the script is unfolded by our consultants, they will be confronted with the multiple problems of a real crisis: what decisions to make when a cyberattack is detected and seems to be spreading? What are the business impacts if we decide to turn off the servers? How to restore your data? How do you respond to threats from a cybercriminal to leak confidential data if a ransom is not paid by the end of the day? How to communicate to employees? To customers? What to do when the press gets involved? What should you say to a customer worried about the confidentiality of their data? What if fraudsters take advantage of this high-profile cyberattack to impersonate you and defraud your customers? How do you sort, prioritize and share the wealth of information coming in via phone calls and emails? How do you identify key information on social networks, synthesize it for a crisis unit and respond to its detractors? How to deal with a bad buzz and adapt your communication?
This scenario, prepared in advance by our consultants, is run in real time and adjusted according to the reactions of the cell to ensure that the pressure ramps up and that the exercise remains beneficial for all participants.
Through this exercise, the members of the decision-making crisis cell and the operational units will be able to test the procedures in place and improve them, identify the strengths and areas for improvement of the crisis governance in place. Our consultants will help you organize the sharing of experience of the participants and complete the action plan identified through their own expertise on the subject.
How do your training courses effectively prepare for the management of a cyber crisis?
Alcyconie is committed to training a wide range of economic players, whether private companies (SMEs, ETIs, etc.) or public bodies, in the problems of cyber crisis management in the best possible way.
Because Alcyconie is committed to mobilizing for its many customers, adaptation is at the heart of our operation. Our theoretical and practical training courses are accessible to all sectors of activity (administration, agri-food, industrial, luxury, etc.). Each of them is enriched with concrete examples specific to your sector of activity in order to correspond to your reality.
For its practical training, such as exercises, Alcyconie relies on its immersive platform PIA®, which it owns, developed with the support of the Brittany region. This platform, which makes it possible to simulate social networks, mailboxes and a news feed in real time, accentuates the intensity of the exercise and consequently, its realism. These crisis exercises are a truly tailor-made training session that will put your crisis systems under strain and allow you to identify the strengths and visualize the weaknesses of your organization.
Alcyconie can also count on its various passionate employees, with various profiles: experts in communication and crisis management, cyber fraud, business continuity and/or recovery, lawyers, cyber defence engineers, etc. This diversity of profiles allows you to have a global vision of crisis management and thus to study all the facets that make up a cyber crisis (communication, reputation, legal issues, etc.). Its training courses are therefore adapted to the reality of crisis management and its protean impacts.
However, because we are honest enough to say that we are not perfect, Alcyconie has chosen to surround itself, in addition to its employees, with external partners/stakeholders who are experts in their sector of activity. Cyber ransom negotiators, incident response providers, digital investigation specialists, lawyers specialising in digital law, they assist Alcyconie, on the technical side, in its various missions, always with a single objective: to advise you optimally on all the impacts of the cyber crisis.
Our training courses are recognized by all our customers. 100% of them recommend our training courses and 98% are satisfied with the skills and pedagogy of the trainers. Today, 530 people have been trained thanks to Alcyconie.
As a QUALIOPI-certified training organization, Alcyconie has chosen to adapt to its customers, present and future, in particular by making it possible for OPCO (organization approved by the State to finance apprenticeship and professional certifications) to take charge of the financing of its training courses.
In pursuit of excellence, Alcyconie is committed to ensuring that its training courses remain of quality and strive to get the best out of themselves, each experience being a new opportunity to improve.
To find out more about our exercises and in particular the different formats and themes offered, go to the dedicated section!
What is the difference between crisis management and major incident management?
A crisis can occur suddenly but can also emerge more gradually: we observe a succession of weak signals, such as incidents that gradually escalate until they lead to a crisis situation. For example, we can consider that we are in crisis, and no longer in incident management:
– When the situation becomes so complex that it becomes unmanageable by a single team;
– When the company is generally energized, destabilized;
– When the lives of others are at stake;
– When the activity is strongly impacted or even interrupted and a short-term recovery is not certain;
– When the sustainability of the organization is called into question;
– When the company has to manage the information and communication of interested parties (customers, suppliers, employees, media) in a degraded manner or a significant number of stakeholders (authorities, journalists, etc.);
– When its impacts jeopardize the life of the company;
– When the situation requires a specific mode of organization to deal with problems that are outside the usual prerogatives of the various actors involved;
– When the complexity of the event and the plurality of its issues require coordination between functions usually working in a “silo”;
– When the workload related to the management of the situation (coordination, problem solving, search for information, etc.) requires arbitrating with regard to daily loads and reprioritizing the actions of certain employees.
The declaration of passage into crisis is a binding act that must mobilize the actors concerned. It is sometimes difficult to act early enough on this transition to crisis, especially for companies or individuals confronted daily with emergencies and/or the management of major incidents. However, crisis management requires a specific system and leads to different constraints and needs for the different functions of the company.
Alcyconie supports you in defining together indicators of passage into crisis, as close as possible to your challenges, in a collective process of reflection on concrete cases.
Why train in cyber crisis management?
Crisis management training is not only essential to test one’s various internal crisis systems, but it is also essential to raise awareness among employees to deal with such situations. It allows the company not to lose its footing when it is faced with a real crisis.
Training in cyber crisis management is all the more important given the specificities of these crises. Indeed, cyber crises are crises that affect all sectors, they are cross-functional and thus have cascading repercussions on areas other than the simple IT field (HR, production, etc.). They are of course eminently technical. They also have the particularity of often being long or even very long, much longer than the majority of classic crises, which, added to the other elements mentioned, makes them very expensive crises.
Acculturation and awareness-raising are phases in their own right in the crisis management system. It is in this spirit that Alcyconie offers you fun training courses that can be adapted to your context, customizable and intended for various audiences: executive committees, communication teams, lawyers, etc.
What is the content of the training courses you offer?
The Alcyconie team and its experts train you around 8 themes:
– Fundamentals of crisis management
– Cyber crisis management for crisis units but also for IS / technical teams
– Fundamentals of crisis communication
– Controlling your e-reputation and digital footprint
– The lawyer in a cyber crisis cell
– Decision-making in uncertainty
– How to protect yourself from cyber fraud
– Public-speaking training
How do you choose your trainers?
Because perfection does not exist, Alcyconie is continually striving to improve. This state of mind guides its steps and leads it to choose trainers who are open to adventure and perfectibility.
Our in-house trainers, all consultants and experts within the firm, have proven field experience and a real passion for the subjects covered. Their intellectual curiosity pushes them to take an interest in the cyber threat, the legislation in force, and the risks of tomorrow on a daily basis.
For certain specific requests from our clients, we enlist the skills of external trainers, selected on their backgrounds, experiences and certifications: experts in cyber-ransom negotiation, digital investigations, digital law, cyber defence, ready to tackle cybersecurity issues, the objective being, in the short/medium and long term, to make the assistance provided to the client structure optimal.
Where do your training courses take place?
Alcyconie adapts to the demands of its customers. We can offer you our training and exercises remotely, directly on your premises, or in our premises in Saint-Malo. If this is more convenient for you, we can also organize this in Paris or Rennes.
Contact us to discuss.
During the crisis
It is in the heat of the moment that a crisis is the most difficult. The multitude of events that follow one another and the loss of reference points can be destabilizing.
How to communicate during a cyber crisis?
To communicate effectively during a cyber crisis, it is important to consider communication as a tactical lever and not as something endured. Indeed, well-controlled crisis communication can prove to be a source of considerable benefits. With such communication, you are in control of the content you want to be broadcast and its timing. This avoids an increase in pressure on the crisis unit and on your organization.
Among the points of attention of a crisis communication, we can for example mention the implementation of a spokesperson strategy that must be effective, or the difficulty of finding the right balance to communicate clearly and precisely without saying too much.
Faced with a cyber crisis, control is all the more important as it is necessary to communicate on aspects that are often far from your business and to combine communication with the organization’s legal strategy (CNIL declaration, filing of complaints, etc.).
What place should be given to social networks during a cyber crisis?
Today, social networks are an integral part of most, if not all, communication strategies. As such, they are logically to be monitored and mobilized during a cyber crisis. Not paying attention to it is a serious mistake, as is being too present. Thus, Alcyconie supports you in setting up an effective monitoring of these and training your communication teams and community managers to deal with this situation. A well-trained communication team will be a valuable asset for the crisis unit, as it will support it and transmit the right information quickly.
Who should my crisis communication be addressed to?
Effective crisis communication must address all the targets of the organization concerned. These targets are numerous, whether internally, both to employees and franchisees or agencies (a crucial but often forgotten dimension) or externally: press, competent authorities, media, customers, partners, etc.
The objective is to be able to address each of these audiences with the posture, codes, format and level of information that is appropriate to maintain or regain their trust in a complicated situation. An exercise that is far from simple, as shown by our analysis articles on the speech of the CEO of Kaseya, a software company that was the victim of a cyber attack, and on Techotel’s crisis communication. While, in the shock of the moment, it often seems difficult to express oneself publicly for fear of seeing the situation worsen, it remains essential not to lose control of the messages circulating about one’s organization as soon as the crisis grows in the media.
Alcyconie supports you so that you are no longer subject to your communication but on the contrary make it a lever for your crisis management.
How is a crisis unit organised?
The composition of a crisis unit is essential: it is a question of having the right people around the table as quickly as possible so as not to be overwhelmed. Alcyconie helps you, through an audit and consulting phase, to define the appropriate organization of your crisis unit.
It should be noted that it is important in crisis management to be able to mobilize all the actors who must take part in this management as quickly as possible. You should also not hesitate to turn to external service providers if necessary, so that they can bring their expertise and know-how to your organization.
You are the victim of a crisis: what support can you expect from us in the middle of a crisis?
Alcyconie’s objective is to provide advice and support to organizations experiencing difficulties in managing the crisis.
In order to best meet the needs of its customers, this assistance takes the form of a list of tailor-made and non-exhaustive offers. Thus, Alcyconie offers support in the area of crisis management:
– advice and monitoring of the crisis alongside the company;
– support for the methodological management of the crisis (operational tools, prioritization, etc.);
– legal advice (legal obligations to notify authorities, clients, etc.);
– media and social media monitoring;
but also on the aspect of crisis communication:
– Drafting of language elements;
– preparation of speeches;
– advice on public speaking;
– media training;
– Coaching of executives on the spot.
The particularity of Alcyconie is that it also takes into account the management of the risk of fraud:
– identification of fraud risks;
– implementation of appropriate risk prevention, detection and mitigation measures;
– Support in communication with banks;
– Raising awareness of the treasury, finance and accounting teams on the different fraud schemes in the face of increased risk.
In order to adapt, Alcyconie has also chosen to offer its customers a 24/7 on-call offer. Indeed, aware that the crisis does not wait, Alcyconie is ready to provide the best possible support to economic players destabilized by cyberattacks.
What should be the first reflexes of a company that is the victim of a cyberattack?
It is not uncommon today to be the victim of a cyberattack. Thus, from the occurrence of a digital incident until it is classified as a crisis situation, it is essential to keep in mind certain practices, known as “first reflexes” in order to prepare for the eventuality of a crisis.
These “first reflexes” are a direct result of the specific consequences of a cyberattack. By this we mean that the cyber crisis has protean impacts ranging from IT impact to reputational impact and legal impact. It is therefore necessary to implement initial reflexes on the IT level, of course, and also to have reflexes in terms of communication and the legal aspect.
Thus, IT measures are to be taken to prevent the infection from spreading to the rest of the information system. The first measures will be:
– Isolate contaminated PCs;
– Keep PCs on;
– Cut off the network if necessary to prevent the spread;
– Launch investigations to identify the impacts and patient 0, and to restore a healthy information system.
In terms of communication, this is accompanied by the development of a strategy:
– Aimed at both the internal (establishing communication for the teams) and the external (establishing communication for customers and the public).
It can also involve, on the legal side:
– Providing for the various notifications to the competent authorities (arising from legal obligations);
– The continuation of contractual commitments.
After the crisis
The crisis is over. It is now necessary to prepare for the end of the crisis and the resumption of activity.
How to prepare for the end of the crisis and the resumption of activity?
After a cyber attack, a company’s information system can be weakened (especially if a switch has been made to a backup environment that does not have the same load capacity) or considered unreliable until the necessary audits and verifications have been completely carried out. In this sense, even if a business continuity system is put in place and allows the company’s vital activities to be preserved, it is not always easy to determine the right time to start exiting the crisis and initiating a disaster recovery plan.
In addition, the mobilized teams are tested and face various cognitive biases (desire to rush the return to normal at the risk of going too fast, fear of resuming and getting out of crisis mode), which sometimes make it difficult to manage this exit from the crisis with discernment and objectivity.
Alcyconie offers you specific support in your exit from the crisis and your resumption of activity to:
– Define the right time to emerge from the crisis with confidence and support you in managing this gradual ramp-up. In particular, we bring our expertise on the risk management aspect to avoid any risk of a second incident
– Reappropriate the post-crisis communication space and turn it into an opportunity: learn from experience, communicate internally and externally on the subject
– Provide psychological support to your teams who have been tested by the management of this crisis (employees who are victims of manipulation, IS teams on the front line, etc.), thanks to our partner experts.
How can we capitalize on the crisis we have just gone through?
Alcyconie supports you in capitalizing on the events you have experienced through the organization of feedback. We help you structure and lead this crucial stage of crisis management, which has a dual objective: to update and consolidate your crisis management system with empirical data and to establish an action and remediation plan to avoid a resurgence of the crisis.
Some of our employees are shocked by the crisis we have just gone through. What can we do?
It is important to be able to listen to what they have to say and what they remember from the crisis. A crisis is a long and particularly intense event, so it is normal for some of your employees to come out of it shocked.
Do not hesitate to contact us so that we can find and set up mechanisms for exchange and capitalization on this crisis, in order to get as much positive as possible out of it.
Suspicion of crisis? Alert our teams!