Crisis management

Prepare your organization to respond competently in a crisis scenario. Recover fast, and use the experience to implement training, policies, and tools, and build greater operational resilience.

Assess the resources you need to manage a crisis, then test and measure the business-wide response through a realistic scenario.

  • Close gaps in your capability Highlight and reduce risks introduced by resource and planning deficits.
  • Identify and skill-up key roles Build a resilient multi-departmental crisis management team (CMT).
  • Verify your processes Bring existing processes and policies into line and test their effectiveness.
  • Practice a business-wide response Prepare for the unexpected though realistic tabletop scenarios.

Our approach


An adversary with the capability and motivation to compromise your organization will eventually do so. In these instances, where a crisis can’t be prevented, the organization’s last line of defense is its ability to control the impact and learn from the outcomes.

Communication is crucial when stakeholders from security, legal, communications, HR, finance, and the board are working together to avoid the spread of damage. The transmission of information must be timely, exact, and explicit if bottlenecks and further risk are to be avoided. Crisis management prepares all aspects of the business so you can manage the impact of such an event and navigate to the best outcome. Though technical at its core, our approach trains different stakeholders to tackle the pressure, communication hurdles, and decision-making challenges required for this to happen. They can be provided as single exercises, or as a program of simulations that gradually increase in complexity and pressure.

Our tabletop simulations involve:

  • The identification of key roles necessary for crisis management
  • The establishment of a capable and recognized CMT
  • Outlining the processes to be followed by these roles in the event of a crisis
  • Defining these processes in a central incident response (IR) plan
  • Practicing a realistic incident scenario and reviewing the outcome

Organizations will locate the gaps in their capabilities that, once remedied, should improve the flow of information and speed of actions needed.

Services & solutions
  • Scenario-based tabletop SOC incident response exercises
  • Gold team/crisis management exercises (following on from SOC exercises) 
  • Incident readiness capability assessment 
  • Incident response policy and incident plan development
  • Incident response playbook development 
  • Incident management and response retainers 
  • Post-incident forensic investigation and remedial activity
  • Business continuity planning consultancy

Speak to the team

When was the last time you practiced your crisis management capability? Get in touch to start now.

Related resources

Building resilience through crisis management rehearsal

Walk through a true-to-life example in this paper to see how Crisis Management Exercises (CMEs) (otherwise known as gold team exercises) help develop the business-wide response to a cyber incident and mitigate business impact.

Read now

Keeping attackers out: golden tickets, silver tickets, and full domain recovery

Not just another blog post on golden tickets. This guide shows the importance of crisis planning by explaining how to remediate silver—as well as golden—ticket attacks and recover from a domain controller compromise.

Read now

How we can help

F-Secure Consulting is trusted by enterprises and governments worldwide to respond to APTs and other top-tier threats. We leverage this experience to help you prepare for crises—with the right processes and policies, a competent CMT, and the clarity of mind needed to avoid a worst-case outcome.

  • Realism Our tabletop exercises rehearse your approach to crisis management and establish your ability level through realistic, fast-paced scenarios. They are tailored to your business and the threats it faces to provide knowledge that is applicable in a real-world situation.
  • Relevance Our research into, and first-hand experience of, attacker tactics, techniques, and procedures (TTPs) informs our training and remedial recommendations to help you defend against modern, capable adversaries.
  • Collaboration As an extension of your team, we can help the stakeholders involved develop the skills and security advocacy necessary for them to fulfil their role during a crisis.

We process the personal data you share with us in accordance with our Corporate Business Privacy Policy.

Accreditations & Certificates

F-Secure Consulting (F-Secure Cyber Security (Pty) Ltd) is a level 4 contributor to B-BBEE with a procurement recognition level of 100%. Learn more and download our B-BBEE certificate. Click here to read the press release.

Follow us
@fsecure_consult F-Secure-Consulting f-secure-foundry fsecurelabs