Inside a Real-Time Cyber Attack: Lessons from Our Live Simulation with 989 Professionals

On November 28th, 2024, CrowdStrike hosted an exhilarating live cyber simulation workshop that brought together 989 professionals from various industries to tackle a real-time cyber attack scenario. Designed to emulate the challenges posed by modern threat actors, this interactive experience showcased how organisations can improve decision-making, collaboration, and resilience in the face of evolving cyber threats.

The diversity of attendees—including CISOs, SOC managers, analysts, partners, law firms, and even non-cyber professionals—made this event truly unique. Together, they navigated a high-pressure scenario based on real-world adversaries like Scattered Spider, making critical decisions that impacted the outcome of the simulated attack.

The Workshop Experience

Our simulation adopted a "Choose Your Own Adventure" format, immersing participants in the dynamics of a fast-moving cyber breach. Decisions made by the audience shaped the course of the scenario, presenting both challenges and opportunities to mitigate risks.

The session featured:

• Engagement at Scale: With nearly 1,000 participants, the event fostered collaboration among diverse professionals.
• Cross-Functional Insights: The inclusion of non-cyber attendees, such as legal experts, enriched the discussions and emphasised the holistic impact of cyber incidents.
• Real-Time Learning: Each decision was followed by an analysis, providing actionable insights into containment, recovery, and stakeholder communication.

From identifying the breach to mitigating its impact, the simulation provided a safe yet realistic environment to explore critical strategies for cyber resilience.

Three Key Takeaways

1. Collaboration is Key The diversity of attendees underscored the importance of cross-functional teamwork in incident response. Legal and non-cyber perspectives proved invaluable in assessing regulatory and reputational risks, complementing technical expertise.
2. Decisions Have Consequences Every choice made during the simulation demonstrated how it impacts key organizational variables such as operational continuity, legal liability, and brand reputation. This exercise highlighted the need for swift yet informed decision-making in high-pressure scenarios.
3. Proactive Preparation Matters Participants walked away with a deeper appreciation for proactive planning, including having clear incident response protocols and a well-coordinated team ready to act when a crisis strikes.

Closing Thoughts

This record-breaking event highlighted the growing industry focus on cyber resilience and showcased how immersive simulations can prepare organisations to navigate real-world threats. We plan to host more, so please stay tuned. Additionally, we will endeavour to improve the following exercise by incorporating the audience's valuable suggestions.

Quotes from Attendees:

• ..."I really enjoyed the Crowdstrike Cyber Simulation Real time workshop earlier, the injects really made me and my colleagues think, very interesting scenarios, thank you!"
• ..."An incredibly worthwhile exercise, thanks CrowdStrike team! As a lawyer, it was particularly enlightening around the various moving parts in terms of IT infrascturture, business impact & employee burnout."
• ...“This is one of the most interesting setups I have seen where you can participate actively”
• ...“Excellent workshop. Please schedule regular these events.”
• ...“Brilliant exercise”
• ...“Various ways of ensuring group engagement”