Hero title background image

Cyber security crisis management

Supporting organisations to prepare for, respond to and recover from cyber crises.

Why does being “crisis ready” matter?

Leaders need to rethink cyber resilience in the face of today’s increasingly frequent, complex and destructive cyber attacks, and the significant financial, operational and reputational risk that can result.

Eliminating the possibility of a cyber attack isn’t realistic, no matter how advanced your technical capability. Resilience to cyber attacks also means being able to withstand or absorb disruption from a cyber incident when it hits, or to respond quickly to minimise the impacts.

That’s why it’s key to take proactive steps to develop and rehearse your holistic response capability and build the resilience, skills and confidence you need to navigate today’s complex cyber risk.

Attributes of a crisis ready organisation

Number one

Existing and emerging threats and risks are proactively identified, mitigated and monitored

Number two

Critical business services have been articulated and understood, and are used to inform priorities within a crisis response

Number three

The expertise of related resilience disciplines is harnessed to enhance and strengthen the organisation’s ability to respond, recover and emerge stronger from crisis

Number four

Crisis tools and technologies are in place and understood

Number five

Leadership promotes an organisational culture that empowers action and quick decision making during a crisis

Number six

Leadership encourages continuous improvement of its crisis capabilities to address new risks

Number seven

Leaders and crisis responders are trained, rehearsed and exercised regularly

Number eight

In-house crisis capabilities, vulnerabilities, and gaps are understood and addressed

Number nine

Roles and responsibilities exist and are understood

Number ten

Strategic priorities are articulated and used to drive response

Questions to ask yourself

  • Leadership
    Do your leaders know how to set strategy and make decisions amid uncertainty? Do your leaders understand how to build and lead resilient crisis teams?
  • Strategy
    Do you understand the values and strategic priorities that should drive response actions?
  • Preparation
    Have your response teams rehearsed their roles within a response to a cyber attack, including the touchpoints and communication that should exist between them?
  • Planning
    Does your documentation empower your people to adapt to the demands of a crisis, while providing sufficient structure to act as a handrail within a context of chaos and uncertainty?
  • Stakeholders
    Do you understand your stakeholder landscape and their communication requirements?
  • Technical response
    Do your in-house technical teams have the right skills, capability and authority to take action during a cyber crisis? Are they able to translate technical developments into business-focused impacts to support strategic response activities?

How can we help?

Prepare

  • Gap analysis: assessing your organisation’s end-to-end cyber response framework, governance, controls and procedures
  • Enterprise resilience programme: identifying what is most critical to your organisation (critical business services), and using this to inform planning for disruption
  • Cyber response plans and playbooks: developing scenario-agnostic crisis management plans and scenario-specific playbooks to support technical and leadership teams in navigating the business-wide response to serious cyber crises
  • Cyber crisis exercises: designing and delivering exercises ranging from discussion-based ‘plan walk-throughs’ to immersive multi-team simulation exercises for teams from technical to senior leadership levels
  • Crisis Leadership Centre: equip, encourage and empower leaders to establish strategy, make decisions and build resilient teams during disruption, uncertainty and crisis

Contact us

Claudia van den Heuvel

Claudia van den Heuvel

Crisis Management Specialist, PwC United Kingdom

Tel: +44 (0)7525 283080

Bobbie Ramsden-Knowles

Bobbie Ramsden-Knowles

Risk and Resilience Partner, PwC United Kingdom

Tel: +44 (0)7483 422701

Follow us