Front Page: NCSC-FI
Front Page: NCSC-FI
Menu

Exercises

Cyber exercises aim at improving organisations’ preparedness and response for severe security incidents, and at shortening and reducing the impact of cyber-attacks. An exercise involves presenting an organisation with a simulated crisis scenario to resolve, which enables the organisation to learn valuable lessons for developing its operations. The NCSC-FI supports critical infrastructure providers in their cyber exercise activities.

Benefits of cyber exercises include:

  • improved observation, reaction and recovery skills of employees and decision-makers in case of severe security incidents
  • facilitated detection of defects and vulnerabilities in processes, operating models and systems
  • faster allocation of resources to areas identified during the exercises
  • increased understanding of supplier dependencies and service provider data security requirements
  • intensified cooperation with service providers through joint exercises
  • improved identification and management of individual threats in the cyber environment.

We develop our exercise services as part of the KYBER 2020 programme. Our services are designed to improve critical infrastructure providers’ preparedness for cyber threats. We also wish to help organisations to develop their operations independently, through effective and constant practice. Observations made during an exercise can be cultivated into development priorities that enable the organisation to better detect severe security incidents, for instance.

We provide the following cyber exercise-related consulting services

1: Advice on choosing the right exercise partner

We have surveyed as our partners both domestic and foreign companies providing exercise and training services, in the selection of which we can assist if necessary. Thus, you will get an exercise partner that will be able to serve your very needs. Some of our partners are listed below in section Companies providing exercise and training services. We can also help several eager exercising organisations to find each other.

2: Situation awareness services to support exercise planning

We can provide a current situation picture suitable for the exact situation in question from both Finland and abroad which, for example, makes it possible to aim the theme of the exercise according to the more probable threats.

3: Simulations of the services of the NCSC-FI during exercises

The NCSC-FI offers extensive expertise and auxiliary services in its sector. It is possible to include a part of these services as a simulation in the exercise, in which case the exercise experience is closer to a real crisis as a whole.

4: Observer’s role in exercises

Depending on the wishes of the exercising organisation, we also offer to act as an observer in the exercise itself. With the help of this, we can gather problems that have arisen in the exercise as well as good practices, guide exercising organisations’ and exercises’ activities in the future and get valuable content for the final analysis that is made of the exercise.

5: Assistance in post-exercise analysis

After the exercise has finished we also offer our services and our expertise for breaking down the exercise and for making a final analysis. This part is often perceived important from the point of view of the overall picture of the exercise so that the exercise produces the desired outcome and learning experience.

CYBER EXERCISE MATERIAL

Cyber exercises are an excellent way to assess courses of action, improve crisis tolerance and accelerate recovery from cyber security incidents. The NCSC-FI offers a practical manual on organising cyber exercises where the insights have been gathered into one dossier. The exercise manual is suitable for both an organisation organising its first exercise as well as an organisation with a vast experience in organising exercises for the search of new methods and points of view. It has been primarily written as a practical guide for those that are currently planning to organise a cyber exercise.

Booklet Cyber exercise scenarios 2020 contains 20 different cyber security incidents that can be used as event descriptions of cyber exercises. The compilation has been made in cooperation with specialists from partner companies. The scenarios are based on real-life cyber security incidents.

We deliver our products also in printed form.

Place your order by sending an email to kyberharjoitukset@traficom.fi

Please indicate the number of products and contact details (name and postal address of the recipient) in the order.

Goals set the pace for cyber exercises

Setting goals is an important part of planning a cyber exercise. Clear goals also guide and engage participants. In this article, we give tips on how to define goals for cyber exercises.
In 2022, our Information Security Now! articles will focus on the steps taken before a cyber security exercise. The first article discusses organisational cyber maturity, meaning the ability of org...
The year 2021 was a busy one for our cyber exercise team. We listed our best advice to help you make your cyber exercises more useful and successful in 2022.
Markus Lassheikki, Jyri Valmu and Lauri Kulonen, secretaries for the food supply pool at the National Emergency Supply Agency of Finland, act as observers in the cyber exercise of the food-sector i...

Contact us

Get in touch with the cyber exercises team by writing to us: kyberharjoitukset@traficom.fi

Updated