Game of threats

Members of leadership, including executive members and board of directors, chief risk officers, chief information security officers, IT directors, and other risk managers.

• Computers blocked until a ransom is paid
• Clients’ credit cards and personal data pirated
• All the company’s intellectual property stolen
• Reservation and payment website completely down
• Financial scams by way of identity theft from the financial director

Science fiction? The latest hit thriller? Unfortunately not. These attacks, which are orchestrated by experienced criminals, can affect any company, including those that think they’re well protected.

Have you got what it takes to repel so many threats of such a varying nature?

In order to make business leaders more aware of IT threats and their consequences for business continuity, PwC Academy is proposing a training course based entirely on a virtual Role Playing Game (RPG) that drops participants into the heart of a crisis, in the form of a meticulously organised attack against a company.

By the end of this training, the participants will:

• be aware – thanks to the role playing game – of the potential IT threats to their company;
• understand where these threats could come from and precisely how they can compromise their company’s IT system;
• have an insight into the attackers’ aims and methods;
• understand why it is essential to implement security protocols in their company’s IT infrastructure;
• recognise the reputational, financial and regulatory impacts of cyber attacks and breach response.

This course will consist of four parts:

• Welcome and presentation of the “game of threats” simulation tool that will be used during the course;
• Introduction to cybersecurity and the responsibilities of business leaders;
• “Game of threats” role-playing game;

The participants will be divided into two teams: the “attackers” and the “company leaders”. During the different rounds of the game, the teams will take turns in assuming both roles and must use the cards available to them to attack or defend a company.

• There will be a debrief at the end of each round so that participants can understand what has happened, which actions were decisive and how the attackers and defenders could have adopted a different strategy to change the outcome.

An attendance certificate will be sent to participants.

This training will be presented by Maxime Pallez, Director, at PwC Luxembourg.

Maxime Pallez is a director at PwC Luxembourg specialising in information security and governance, with extensive experience managing large projects that support financial institutions in transforming their information security. He holds Certified Information Systems Security Professional (CISSP) and GIAC Strategic Planning, Policy, and Leadership (GSTRTP) certifications. Maxime leads PwC’s cybersecurity awareness service, regularly conducting security awareness sessions for top management and diverse organisational groups including IT and risk teams. His expertise encompasses information risk and project management, cybersecurity governance, regulatory compliance, and maturity assessments. Notable projects include driving ICT compliance, implementing ISMS programs, and leading maturity assessments aligned with ISO standards and PwC frameworks.