
Think you can pass a cyber crisis drill? So did we

IT Brew jumps into action alongside IT specialists, team leads, and C-suite execs at Immersive Labs’ Cyber Drills Roadshow in New York City.

Francis Scialabba


Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

An ounce of prevention is worth a pound of cure—or in the case of a breach, prevention could be worth $4.45 million in savings. That was the lesson taught by Immersive Labs, which hosted a Cyber Drills Roadshow in New York City on May 22 alongside IT specialists, team leads, and C-suite executives.

The nearly four-hour experience included a drill in which Orchid—a fictitious firm that provides POS systems and e-commerce solutions to small businesses globally—suffered a breach. In the drill, teams had to consider how to classify the incident, whether or not to escalate it to the CEO, legal team, and PR team during certain stages of the attack, and overall, how to mitigate the situation and find a quick solution for fictional customers who planned on attending an event at Madison Square Garden that day.

Participants could also utilize an AI chatbot to negotiate and make contact with the ransomware operator, answer questions from a tech reporter, or chat with an Orchid customer affected by the cyber incident.

“What we’re trying to do at Immersive Labs is ultimately, we want to be able to support not just the world’s largest organizations, but also all of the people that are within those,” Jamie Knobles, Immersive Labs’ manager for solutions consulting for North America, told IT Brew. “And [thinking] how do we continue to be able to build our ability to respond to cyber threats to build up that cyber resilience, which is essentially, [asking], ‘Can we better identify, respond to, and return to normal operations from the cyber threats that affect us?’”

We ran into a cybersecurity analyst named Amanda, who said the event allowed her to “look at software programs from a different perspective.” “I think it’s surprising how much they can put in that one lab,” she said to IT Brew during a break.

Teams used Elastic Discover to search and filter data, gain intel about the “structure of the fields,” and display “findings in a visualization.”

A security operations center (SOC) analyst, also called Amanda, said the only difference between the drill and what she normally does is the fact that she could breathe a little easier this time—knowing it wasn’t real. “It’s not stressful at all compared to real life where everyone’s jumping in…and everyone's trying to piece together the information,” she said.

In a real-life situation, she said the process involves asking many investigative questions along the way as they try to piece everything together. “This one is more guided, so it’s a good scenario for newbies and beginners,” she added.

Immersive Labs also hosted cyber crisis drill events in Seattle and Chicago in May and Munich in June. “But in terms of this sort of format, that’s something we’ve been doing with our customers for a couple years,” Knobles said. “As we’ve seen that grow, in interest and the value that’s provided…this allows industries to get closer together.”
