BRC Exercises

On December 11, 2024, the Business Resilience Council held a four-hour tabletop, the last in a series of operational resilience exercises focused on the impact of wiperware on financial systems. The half-day event built on previous exercises that explored the broader ecosystem impacts of a destructive attack, emphasizing cross-sector dependencies and cascading effects.

Participants navigated the challenges of a major cyber disruption, working through critical decision-making scenarios that included IT operations, risk management, media engagement, regulatory coordination, and prioritization of actions. Facilitators guided the exercise, introducing new complexities to deepen the experience and insights.

Objectives and expectations included:

• Understanding the impact of a major, extended cyber disruption

• Exploring implications of payments failures

• Gaining a deeper understanding of service dependencies

• Considering rolling impacts like secondary attacks, liquidity issues and customer confidence

• Identifying operational resilience strengths and weak points

• Identifying industry best practices among peers

• Collecting action items to address post-exercise

Stay tuned for future resilience-focused exercises in 2025!