Prepare for and manage your next cyber crisis

From updating crisis management procedures to full simulation exercises, OPFOR Intelligence supports your cyber crisis preparation. And when disaster strikes, we take up the crisis lead and stand by your side, linking with technical experts.

Solutions

Three steps to face your next cyber crisis

Consulting

Objective: integrate the cyber specifics into existing crisis management procedures. Define a realistic and coherent resilience plan. Prepare for the incident so that when the day comes, you are ready to respond.


Exercise

Objective: create and run multidisciplinary crisis exercises, either table-top or fully simulated, from a half-day to several days. Fully simulate your infrastructure to test people and procedures against a realistic Red Team deploying state-of-the-art techniques. Communicate, improve, rince and repeat.

Crisis lead

Objective: regain control. With the help of a dedicated crisis lead, coordinate the various third-party technical teams, from forensics to pentesting to OSINT. Manage the investigation, and control internal and external communication. Make informed decisions, working towards a proper crisis resolution.

OPFOR Intelligence

A global approach to security.

Bridging the cultures of cybersecurity and physical security, and leveraging tools from business intelligence, information management and communication, we are well positioned to address security issues globally. Because cyber risk is very transverse and requires a multidisciplinary approach, our work always accounts for the entire malicious spectrum, as well as our client's unique environments and needs.

Missions: cyber crisis management, incident response, crisis exercises

Examples of previous work...

Adapting crisis management processes to cyber risk

We contributed to fully adapting the crisis management process to better handle cyber threats within a large and complex critical infrastructure and several subsidiaries.

Client: a critical, publicly traded, large industrial operator

Annual cyber crisis exercise for a public CERT

With a first-class technical partner, we created and delivered two annual multi-day cyber crisis exercises for a large public CERT. The exercises were multidisciplinary, with full infrastructure simulation and the team's projection.

Client: a public CERT

International crisis management

Cyber crisis and extortion affecting several countries. Assumed crisis lead through CERT Intrinsec, supporting the client's core crisis team and advising on public communication as well as cybersecurity strategies.

Client: an international organization active in 30+ countries

Creation of cyber crisis management processes

Drafting of a cyber crisis management process manual, integrating it with existing corporate processes and tools such as IT ticketing and GDPR incident handling.

Client: a medium-sized industrial French organization

Cyber crisis exercise for 16 branches and departments

Major cyber crisis exercise involving the security, IT and risk departments, with a first-class technical partner. Training 16 branches and departments on the same scenario for several combined attacks.

Client: a critical, publicly traded, large industrial operator

Cyber crisis communication

During a cyber crisis, with a first-class legal partner, we advised on crisis communication. We created common, precise and transparent wording for customers and external stakeholders.

Client: a French national sports federation

Dual physical/IT audit

We organized a dual audit integrating physical security and cybersecurity, both involving on-site penetration testing. We managed the physical security audit, coordinated the cybersecurity work and drafted the global final report.

Client: a French law firm specializing in international arbitration