The Cyber Wargame Everyone Can Play
From the biggest bank to the smallest start-up, the Bank of England’s War Games will help create a safer financial sector for everyone. Here’s how you can make it work.
Every time a company suffers a breach, we’re treated to the spectre of a spokesperson admitting mistakes had been made but promising lessons would be learned. The problem is, by then its too late.
Cybercrime is a rapidly evolving landscape. By the time you’re reacting to the last attack, cyber criminals have come up with a whole new arsenal of threats. From the outset, that company is on the back foot building defences to face down outdated attacks.
What would really help if you had been able to learn those lessons beforehand. That’s the idea behind the Bank of England’s Cyber Security War Games. Run in partnership with Immersive Labs this gives companies a realistic threat to war game. Teams will be confronted with a catastrophic threat and will have to respond to minimise the damage.
Initially, like most war game scenarios, this was aimed as a select group of the biggest companies. However, in a recognition of the wider threat to the financial sector, they are opening it up to everyone.
Any business, no matter how large or small can take part whenever they like to test themselves against the simulation. So far, around 15 of the larger organisations have take part, and companies will be able to benchmark themselves against others to see where they stand.
The Bank of England, though, will not access data on each company’s performance or use it when making risk assessments.
How to make use of this
Opening up these war games to everyone recognises a fact about cyber-crime. So interconnected has the business world become, that cybersecurity has to be an industry-wide challenge. The better prepared all companies are, the safer everyone else will be. It is in the interests of the biggest corporations to share information with their smaller counterparts.
Sharing information will be critical. It’s all very well strengthening cyber defences, but attacks succeed when they identify vulnerabilities the business has missed. The chances are your response as a business will not be as good as you hoped. There may be gaps in your defences you were not aware of. That’s a good thing. It tells you where you’re weak, while benchmarking yourself against other users allows you to see how you can make things better.
Any business, therefore, can benefit from this war game. It’s a chance to stress test current measures and experiment with new approaches. You can see how your team responds in an emergency and where they will need to improve. Ultimately, it will help you avoid the regretful mantra of so many other victims of cybercrime – ‘if only we’d known this before.’