Commvault recently hosted its Minutes to Meltdown event in Johannesburg and Cape Town. This event, led by the company's security experts, was an interactive and detailed ransomware attack simulation designed to help companies understand how to respond in the event of a cyberattack.

Graham Brown, Country Manager at Commvault, says the event addresses the growing need for organisations to proactively address the threat of ransomware and cyberattacks, which are becoming increasingly frequent and sophisticated.

The Minutes to Meltdown cyberattack simulation is a global event that Commvault is hosting for the first time in South Africa. During the showcase, participants experience a simulated cyberattack in small groups, taking on roles in the leadership team of a fictional company during a ransomware negotiation.

During the action-packed two-hour agenda, participants are faced with challenges and critical decision points as they choose their response plans against the backdrop of a crafted story based on known network breaches that have hit some of the biggest global companies.

Navigating the critical hours

As participating groups navigate the critical hours of a ransomware negotiation, face challenges and make critical decisions in an exercise based on real events, Commvault security experts guide them through the journey, providing actionable recommendations for their action plan.

Brown explains that a concerning trend is the lack of control and “muscle memory” within organisations when it comes to incident response. To address this, the Minutes to Meltdown simulation helps key decision-makers like CEOs, CTOs and CISOs conceptualise and practice their response to cyber threats.

“With this, the simulation allows executives to ask themselves the critical questions a CEO would ask, such as how to respond and what the plan of action should be,” says Brown, adding that simulation is crucial for developing a robust plan to prepare organisations for effectively responding to cyber incidents.

"The insights gained from these simulations can help organisations adopt a ‘survival time objective’ mindset, which focuses on the key metrics of time to detect, time to respond and time to recover.”

Developing a tailored approach

Brown notes that disaster recovery does not equate to cyber recovery, underscoring the importance of organisations developing a tailored approach to cyber resilience rather than relying solely on traditional disaster recovery plans.

The simulation prompts participants to consider the critical statements, objectives and outcomes they would need to address when engaging with threat actors. This includes weighing the decision to negotiate, potentially involving a third-party negotiator, and ultimately, determining whether to pay the ransom or rely on the organisation's own cyber resilience and trust in deployed technologies.

“The simulation not only guides participants through the decision-making process but also introduces them to various technologies and methodologies that can be leveraged to enhance cyber resilience and ensure business continuity,” says Brown.

By exposing executives to these advanced cybersecurity tools and strategies, the simulation aims to give each persona the confidence to develop a comprehensive cyber resiliency plan and take the necessary actions to protect their organisation.

This holistic approach to the simulation, combining decision-making processes and practical cybersecurity solutions, helps prepare executives to effectively respond to and recover from real-world ransomware and cyberattacks, ultimately enhancing the organisation's overall cyber resilience.