We offer the Cyber Resilience service based on a duration of 3 years. This timeframe allows us to effectively work together to elevate your organisation to the desired level of maturity over the course of 3 years. The service combines different activities aimed at limiting damage after a cyber crisis and simplifying recovery. In the event of an incident or a crisis, we offer a Rapid Response Service as an extension of the Cyber Resilience Service. Additional services that complement cyber resilience include the Managed Cyber Awareness & Behaviour service and the Managed Detection & Response service. See more information on these services on this website.

To optimise the cyber maturity development, the service period of 36 months is divided into 3 years with different focus points:

• 1^st year: the implementation/reinforcement of an organisational governance and the set-up of a strategic/ tactical approach determine the design and execution of the 1^st year program.

• 2^nd year –the operational impact of a cyber incident on the organization is assessed in-depth and the procedures are implemented and tested.

• 3^rd year – based on extensive assessments and trainings, the 3^rd year focuses on chain dependencies between different teams, tactics, and tools within the cyber resilience process.

1. Our extensive Cyber Resilience Service consists of different components which includes annual assessments of your cyber maturity, tailor-made strategic, tactical, and operational plans, as well as innovative and interactive trainings and exercises to challenge your cyber resilience. The Service is supplemented by periodic meetings with your Northwave contact person.
2. The underlying tools to efficiently conduct the personalized exercises and trainings.

The team, consisting of experienced cyber resilience professionals, carries out in-depth analyses of your company, translates gained insights into a Cyber Resilience service, and executes trainings and exercises that strengthen your companies’ cyber resilience.

• Role Specific Training: Decision-makers in a crisis-team must practice managing different cyber crisis scenarios. This training is offered for specific roles such as a crisis team chairperson, crisis coordinator and logbook keepers.
• Crisis Decision Making: Training crucial capabilities to effectively manage a crisis, such as strategic leadership, decision-making, and personal resilience.
• Crisis Communication: Usage of best practices, development of pre-written statements and alternative delivery measures to ensure your team communicates swiftly and comprehensively during a cyber crisis.

• Incident Response or Crisis Management Tabletop Exercise: Manage a cyber incident within your team. During a tabletop exercise, the participants are led through the scenario by our facilitator. Every participant receives new information at the same time and discussions can start right away. It is up to your team to manage the situation. Before, during, and after the exercise our facilitator will ask questions, evaluate, and provide advice to steer and help your team. All discussions, decisions, and set out actions take place within the ‘scenario bubble’ of the exercise room. This exercise-type is suited for organisations who are at the beginning of their cyber-resilience-maturity-journey.
• Incident or Crisis Simulation: During an incident or crisis simulation, we send individual customised information to your participants. They are challenged to communicate, collaborate, and exchange information on a more advanced level. The outside world is simulated by our response team. They ask andanswer questions, bring in new information, and serve as your counterpart in logging decisions throughout the exercise. Practice managing the cyber incident and engaging with relevant stakeholders (e.g., IT-service providers or vendors) without any risk.
• Semi-live Cyber Crisis Exercise: Semi-live exercises may involve multiple teams and locations, with lines of communication to different response teams. In this way, your teams practice with and against each other and therefore face 'real' stakeholders and real emotions. This increases the realism and ultimately your cyber resilience.
• Gold-teaming Cyber Crisis Exercise: We develop and launch a fully simulated cyber incident, using your existing IT network and architecture to create a customized and realistic scenario. IT, Crisis Management Teams, Business Continuity Teams, and executive board members are involved in the exercise to enhance understanding and response capability. This is the perfect combination of a red teaming with a live cyber crisis management exercise.

Yes, they can be. The Northwave Resilience team helps organisations improve their skills in incident response, crisis management and business continuity management. However, to increase maturity on these components, not ad hoc but continuously (PDCA cycle), we have developed the cyber resilience service. The cyber resilience service consists of a baseline of activities relevant to any organisation. The baseline can be extended with specific activities that match the organisation's risks or are relevant because an organisation is already relatively mature. Here, each evaluation of an activity is the input for the starting point of a subsequent activity. This allows us to work together very specifically on your maturity.