Computerised Crisis Simulation Platform

When a Crisis unfolds, it is not the event itself that counts.

It is the response of the company and the individuals.

“Trust in an organisation is not necessarily extinguished immediately

when a breach occurs, It’s how organisations manage the breach that

really matters.”

Andrew Solomon, acting deputy commissioner with the OAIC.

Click To Download The List of Games

We help organisations face potential crisis and deal with them in “simulated ” real time - better preparing for the “real thing”. Our platform's key capabilities are:

  • Simulates decision making scenarios focusing on real life interactions.

  • Presents real time analytics and insights to enhance managers and organisations decision making processes.

  • Compares real decision making processes to “anticipated” decision making.

  • Understands why players act like they do.

  • Helps improve procedures and take measures to be better prepared.

What would you do if you were an official in the midst of a cyber-attack? 

AUTHORED BY CHELSEA ZFAZ AND DR. MOTY CRISTAL

 

Early morning on March 22, technical issues began interfering with the normal functioning of the City of Atlanta’s computer systems. It quickly came to light that a number of these systems had fallen victim to a ransomware attack. The entry point for the attack was a vulnerable server, which enabled the ransomware to spread to desktop computers throughout the network. The attackers demanded 6 Bitcoins (about 51,000 USD) to decrypt the city’s data.

The City of Atlanta remains crippled a week after the attack, as municipal court proceedings continue to be postponed and police officers and other employees resort to writing reports by hand. Yet government officials and civilians alike should be considered fortunate in that Thursday’s attack did not target more critical services- such as traffic light control systems or the power grid- creating a situation that would undoubtedly have more egregious consequences.

By their very nature as public service providers and guardians, municipalities hold a particularly high level of responsibility to guarantee the security of their constituents’ private information. These organisations are put in an especially precarious position when their systems become compromised. The situation becomes outright desperate when data is encrypted, especially when such encryption threatens citizens’ private information or the functioning of vital municipal services.

·What would you do if you were an elected official in the midst of a cyber-attack? 

  • Would you pay a ransom to guarantee the safe return of your city’s data?

  • Would you pay a ransom if the funds were sourced from constituents’ tax dollars?

  • Would you need citizens’ approval for such a decision?

  • Would you trust the perpetrators enough to be convinced that paying the ransom would in fact return access to your data?

  • What would you expect the consequences of not paying to be?

According to the Verizon 2017 Data Breach Investigations Report, public sector entities were the third most prevalent breach victims worldwide in 2017 (last year, 12% of all cyber breaches targeted the public sector)[1]. How can all levels and scopes of government ensure they remain ahead of virtual criminal activity that is continuously evolving?

At the Muni Expo in Tel Aviv last month, Ivor Terret, Director of Be-Strategic Solutions, a crisis management firm, presented a case study in which a municipality exercised its cyber-attack preparedness and response capacities. The municipality clarified the processes, personnel and equipment it had in place that constructively contributed to effective identification of cyber threat indicators, mitigation of cyber risks and recovery from a cyber-attack. The exercise exposed weaknesses in municipal procedures for risk and threat identification and enabled the municipality to institute practical improvements to established protocol.

The recent breach of Atlanta’s computer systems raises the question of whether municipalities in America are doing enough to protect their constituents’ private information. And while efforts indisputably vary from city to city, one thing remains clear- the more proactive the municipal approach to cyber protections, the more secure the city will remain.

[1] 2017 Data Breach Investigations Report, pg3

© 2018. ALATA GROUP

Analysis