Years managing real crises — ransomware, extortion, international incidents, social engineering. That frontline experience is now applied to prepare your organization before disaster strikes.
Validate your readiness under realistic adversarial pressure.
Cyber crisis exercises: from C-level tabletops to multi-day simulations trusted by public CERTs and critical infrastructure operators. Scenarios built from real incident patterns. Scenarios built from real incident patterns. A full-spectrum approach combining realistic media pressure, real-time legal constraints, and a credible cyber kill-chain tailored to your vulnerabilities. Exercises designed to test what you believe is solid, not just what you already know is fragile.
Physical red team: Solo grey-box assessments designed to test physical security and internal processes from within. For full black-box operations, a dedicated team covers OSINT, social engineering, and attempts to bypass physical access controls.
We contributed to fully adapting the crisis management process to better handle cyber threats within a large and complex critical infrastructure and several subsidiaries.
Client: a critical, publicly traded, large industrial operator
With a first-class technical partner, we created and delivered three annual multi-day cyber crisis exercises for a large public CERT. The exercises were multidisciplinary, with full infrastructure simulation and the team's projection.
Client: a public CERT
Cyber crisis and extortion affecting several countries. Assumed crisis lead through CERT Intrinsec, supporting the client's core crisis team and advising on public communication as well as cybersecurity strategies.
Client: an international organization active in 30+ countries
Drafting of a cyber crisis management process manual, integrating it with existing corporate processes and tools such as IT ticketing and GDPR incident handling.
Client: a medium-sized industrial French organization
Major cyber crisis exercise involving the security, IT and risk departments, with a first-class technical partner. Training 16 branches and departments on the same scenario for several combined attacks.
Client: a critical, publicly traded, large industrial operator
During a cyber crisis, with a first-class legal partner, we advised on crisis communication. We created common, precise and transparent wording for customers and external stakeholders.
Client: a French national sports federation
We organized a dual audit integrating physical security and cybersecurity, both involving on-site penetration testing. We managed the physical security audit, coordinated the cybersecurity work and drafted the global final report.
Client: a French law firm specializing in international arbitration
Preparing and directing a three-days Cyber exercise, with the help of an internal CERT + CISO's team. Stimulating both management and technical crisis cells. Two countries playing.
Client: a large, international, industrial organisation