Skip to content
arrow-alt-circle-up icon

Cyber Incident Call

arrow-alt-circle-up icon

00800 1744 0000

arrow-alt-circle-up icon

Combining the results of Red Teaming with a Crisis Management Exercise into the ultimate Cyberattack Simulation

Gold Teaming

Prepare your organisation to effectively respond to, and recover from, cyberattacks. We put you to the test with the ultimate cyber crisis simulation.

Gold Teaming starts with our ethical hackers, who simulate adversaries by employing real-world methods to infiltrate your network and advance towards your crown jewels. After they reached the crown jewels and deploy the impact on your network, such as fake ‘ransomware’, an unexpected, simulated cyber crisis hits your organisation.

 You gain insights into the technical vulnerabilities of your organisation, how they can be abused by threat actors, what their impact can be and how to fix them.

  Your crisis organisation experiences a highly realistic cyber crisis scenario based on the real-world findings of the Red Teaming.

  You train your crisis management plans and procedures, while your people develop skills and get comfortable being uncomfortable.

  You connect your strategic crisis management to technical incident response.

Can You Navigate Your Way Out of a Cyber Crisis? 

Executing a Gold Teaming is a cyber crisis experience that reflects reality as close as possible. The combination of Red Teaming with a crisis management exercise places your organisation in a unique simulation, without having to face the real-world consequences. The Red Teaming is based on the latest threat-intelligence and Tactics, Techniques and Procedures (TTP's) used by adversaries. The crisis management exercise provides financial, legal, and reputational insight into the impact of this cyberattack on your organisation and stakeholders. Our goal is to improve your organisation’s cyber resilience, both by improving your technical defenses against cyber threats and by getting your crisis organisation familiar with dealing with cyber crisis.

When the inevitable cyber crisis occurs, your teams and organisation are equipped to minimize the damage and have developed the right skills to cope with the situation. In the heat of the moment, everyone will be aware of what actions to take, guaranteeing that you maintain control.

Read our blog on Gold Teaming here and read our white paper on Cyber Resilience here!


Project options 


We walk your crisis management team through the findings of the Red Teaming by means of a scenario. We discuss your crisis management procedures, the roles and responsibilities, and identify gaps while providing best practice recommendations. This way, a walkthrough is a simple but excellent means to connect your strategic management layer to the findings of the Red Team.


In our table-top, your crisis management team is led through a scenario by our facilitator. Little pieces of ‘information injects’ prompt discussions amongst the team. This interactive exercise trains the collaboration and decision-making methods within your crisis management team.


During the simulation, participants receive personalised ‘information injects’ through phone calls, emails, and our media simulator. In the same way, they can communicate to the “outside world” through our response cell. Our simulation enables participants to gain a hands-on opportunity to train specific crisis management competencies and practice their individual roles and responsibilities in a realistic setting under time pressure. Optionally, your crisis management team is not aware of the upcoming exercise. They will be surprised by a ransomware screen, marking the start of the exercise. This adds an element of stress to elevate the “crisis experience”.

Semi-live Simulation

Our most elaborate cyber crisis simulation, in which we expand our simulation by adding other relevant teams from your crisis organisation to the exercise. You can think of your Operational and/or Tactical Incident Response Team and/or your Crisis Communication Team. By training the collaboration in a simulated crisis setting, the interaction, and communication between the participating teams is real.

Related Services

Adversary Simulation

We simulate your biggest threats in terms of business, bytes and behaviour.

Read More >

Cyber Resilience Service

We prepare you to act resilient when faced with a crisis.

Read More>

Rapid Response

In case of an incident we help you get back to business, as quickly and securely as possible.

Read More>

No resources?

Leave your Cyber security to us!

Frequently Asked Questions

We can imagine that you have many questions. You can always contact us to learn more. Below are a few examples of questions that we can investigate further with you.

How does Gold Teaming work?

Gold Teaming combines the technical findings of a Red Teaming with an (unexpected) crisis management exercise to create an experience that reflects the reality of a cyberattack as closely as possible. It all starts with Northwave’s ethical hackers, who meticulously simulate adversaries by employing real-world methods to infiltrate your network and advance towards your crown jewels. Their factual findings form the technical basis of the scenario of the crisis management exercise, in which your internal organisation and its most important (external) stakeholders come to life, to challenge your team(s) responsible for resolving the crisis. This way, we can provide you with a realistic scenario in which employees start calling, customers are angry, stakeholders demand answers and the media wants a statement.
An adversary simulation is necessary if you want to train your specialists to defend your organisation against your biggest threats. Or if you want to gain insight into how vulnerable your organisation is to certain threats. Based on this security exercise, the cyber resilience and security posture of your organisation is measured, and the Northwave Red Team helps to make your organisation resilient. Your overall ability to detect, respond, and to recover from a cyber attack will increase.

When is Gold Teaming fit for my organisation?
We offer different kinds of Gold Teamings, so there is always one that suits your organisation. The walkthrough and tabletop are the perfect means to raise awareness within your organisation and to get the conversation started. These options are the best fit for organisations which are less mature and/or have fewer means available.

Our simulations are designed for mature organisations that have defined plans and procedures, conducted exercises in the past and are seeking to optimise their response and recovery capabilities. Executing a simulation underlines your organisation's commitment to continuous improvement and emphasizes the need to stay ahead in the landscape of cyber threats.
What is the difference between Gold Teaming and a regular crisis exercise?

In a regular crisis exercise, participants are challenged to communicate, collaborate, and exchange information in a hypothetical cyberattack scenario. Gold Teaming is different because it has incorporated the Red Teaming results into a realistic cyberattack scenario. This has many advantages (see below).

Why would you conduct a Gold Teaming?

If you are seeking the ultimate test for your organisation’s cyber resilience, Gold Teaming is ideal, because:

1. It reflects the realities of cyberattacks on your organisation as close as possible.
The Red Teamers
infiltrated your network and exploited several vulnerabilities. They obtained initial access to your network, acquired administrative privileges, gained access to sensitive information in the network and compromised numerous systems, including the backup system and simulated data exfiltration. Exactly like a threat actor would infiltrate your systems. The Red Team findings are the basis of the crisis management exercise scenario, making it as realistic as possible.

2. It connects strategic management to the technical results of the Red Teaming.
Gold teaming is the excellent means to ensure that your strategic management understands the (technical) results of the Red Teaming. This is because they get shown what the impact and effect of exploitation of the technical vulnerabilities could mean for the internal and external stakeholders of the organisation. Doing a semi-live adds onto this, as your technical team will also get familiar with the information needs of the board level. This is because we can take an integrated approach which involves all your cybersecurity teams, from the Operational Incident Response Team and Tactical Team that need to assess and contain the technical impact, to the Communication Team and Strategic Crisis Management Team that need to coordinate and manage the various internal and external stakeholders.

3. Unexpected crisis
In our more elaborate Gold Teamings, the participants are left unaware about the exercise until it takes place. This unexpected nature of the exercise makes your people comfortable with the uncomfortable. This helps with being mentally resilient in case a real cyber crisis strikes, as it demonstrates what is coming at you and what to expect during a cyber crisis.

We are here for you

Need help with your cyber security or wondering how secure your business really is?
Get in touch and we will help you find the best solution.