Game of threats

• Computers blocked until a ransom is paid
• Clients’ credit cards and personal data pirated
• All the company’s intellectual property stolen
• Reservation and payment website completely down
• Financial scams by way of identity theft from the financial director

Science fiction? The latest hit thriller? Unfortunately not. These attacks, which are orchestrated by experienced criminals, can affect any company, including those that think they’re well protected.

Have you got what it takes to repel so many threats of such a varying nature?

In order to make business leaders more aware of IT threats and their consequences for business continuity, PwC’s Academy is proposing a training course based entirely on a virtual Role Playing Game (RPG) that drops participants into the heart of a crisis, in the form of a meticulously organised attack against a company.

By the end of this training, the participants will:

• be aware – thanks to the role playing game – of the potential IT threats to their company;
• understand where these threats could come from and precisely how they can compromise their company’s IT system;
• have an insight into the attackers’ aims and methods;
• understand why it is essential to implement security protocols in their company’s IT infrastructure;
• recognise the reputational, financial and regulatory impacts of cyber attacks and breach response.

This course will consist of four parts:

• Welcome and presentation of the “game of threats” simulation tool that will be used during the course;
• Introduction to cybersecurity and the responsibilities of business leaders;
• “Game of threats” role-playing game;

The participants will be divided into two teams: the “attackers” and the “company leaders”. During the different rounds of the game, the teams will take turns in assuming both roles and must use the cards available to them to attack or defend a company.

• There will be a debrief at the end of each round so that participants can understand what has happened, which actions were decisive and how the attackers and defenders could have adopted a different strategy to change the outcome.

An attendance certificate will be sent to participants.

This training will be presented by Maxime Pallez, Director, at PwC Luxembourg.

Maxime is a director and information risk advisor specialised in information security governance. He has mainly worked on risk management projects and cyber security maturity assessments.

His expertise on the cybersecurity areas has been completed by Certified Information Systems Security Professional (CISSP) and GIAC Strategic Planning, Policy, and Leadership (GSTRT) certifications. ?

Responsible for the cybersecurity awareness service at PwC, he is regularly performing security awareness sessions targeted towards the top management of organisations as well as various populations (IT, risk, employees…).