Cyberattack on OT — does your team know what to do?
Simulation of a cyber incident on industrial systems, maritime assets, and critical infrastructure.
A cyber incident in OT/ICS is more than an IT problem — it's production shutdown, ship malfunction, energy blackout. We run one-day tabletop exercises: simulate a realistic attack (ransomware, SCADA sabotage, GPS spoofing), moderate your team's response, validate playbooks. Scenarios based on real maritime and industrial incidents. After the exercise: report on procedural gaps and remediation recommendations.
A cyber incident in OT/ICS environments is a different kind of crisis than an IT attack. It’s not just about data recovery — it’s about physical safety, production continuity, protection of people and the environment. When a production line stops, a power plant SCADA fails, or a ship’s navigation system is compromised — every minute of delay costs.
Does your team know what to do? Incident response playbooks look good on paper. But will they work under pressure? Do IT, OT, management, legal, and PR know who makes decisions? Do you have alternative communication channels if the network goes down?
A tabletop exercise is a moderated simulation of a cyberattack on your OT/ICS/maritime infrastructure. We don’t test technology — we test people and procedures. The scenario is realistic (based on actual incidents like NotPetya at Maersk, Colonial Pipeline, BlackEnergy on Ukrainian power grids), and facilitators guide your team through attack phases: initial compromise, lateral movement, industrial system sabotage, business decisions under pressure.
Format: One-day workshop (6-8 hours) for a team of 8-15 people (IT, OT, management, legal, PR). Facilitation by two experts with maritime and industrial cybersecurity experience. After the exercise: gap analysis report — what worked, what didn’t, where procedural gaps exist, and what remediation actions to implement.
Example scenarios:
- Maritime: Ransomware locks ECDIS and main engines during port maneuvers
- Energy: SCADA attack disables transformers, RTUs unresponsive, it’s nighttime
- Manufacturing: PLC sabotage shuts down production line, warehouse full, customers waiting
Benefits
- Test procedures in a safe environment — validate your playbook without real risk
- Align IT, OT, management teams — everyone knows their role in a crisis
- Realistic scenarios — based on actual maritime and industrial incidents
- Gap analysis post-exercise — concrete recommendations on what to improve in procedures
- Compliance NIS-2/IEC 62443 — tabletop exercises are required by many standards and regulations
For Whom
- Maritime sector — shipping companies, ports, terminals, offshore operators (IMO 2021, IACS)
- Industry and critical infrastructure — energy, water, manufacturing, chemicals (NIS-2, IEC 62443)
- Organizations post-compliance audit — auditors found gaps in incident response testing; need to fix it
What We Deliver
- Pre-exercise: Scenario tailored to your infrastructure and risk profile
- During exercise: Moderated simulation (6-8h), recording of decisions and response times
- Post-exercise: Gap analysis report (procedural gaps, communication issues, missing competencies)
- Follow-up: Remediation recommendations, playbook update proposal
Price: 8,000 - 25,000 PLN (per exercise) — depends on scenario complexity, number of participants, and preparation scope (customized vs. standard scenario).
Test your procedures before an attack is real. Schedule a tabletop.