Exercise your cyber security

Learn lessons the easy way and in your own time

Book your free consultation now

What is cyber exercising?

Cyber exercising provides the framework for developing processes and procedures in uncertain and complex environments.

It provides a safe and controlled environment for successive sense making cycles to be conducted.

Cyber exercises are useful in operationally focused organisations where the real world impact must be considered at all times.

lifecycle diagram for exercises showing 4 stages; plan, execute, review, refine

Want to know more?

Download the exercising product data sheet: Download

checkbox showing safety of exercising product


We conduct cyber exercises in a synthetic environment so there is zero risk to your operational systems

the safe way to test

The safe way to test
expert shown in centre of circle

Expert Advice

Realistic scenarios developed by offensive cyber professionals

about our experts

About our Experts
two people shown next to each other and arrow underneath them showing collaboration


Cyber exercises let you work with partners to reduce the impact of systemic failures

How exercising works

How exercising works
assessment checklist outline

Common assessment

We assess to a common standard so you know how you compare to other organisations

NCSC indicators of good practice

Indicators of good practice
thought cloud with gears inside

Unknown Unknowns

Cyber exercises reveal areas of weakness you didn't know existed

How exercising works

How exercising works
large cog representing investments with a check list for assessing the investments

Assess your investments

Cyber exercises provide objective feedback on which cyber security investments work and which don't

How exercising delivers value

How exercising delivers value

Types of Cyber exercise

There are 2 categories of exercise that an organisation can conduct; tabletop and functional. Each exercises a different part of cyber security in a different complimentary manner, but should always be engaging and exciting to take part in.

three people sitting round table conducting a tabletop exercise


Table top exercises are used to talk through and test cyber incidents. They can be run in a number of different formats, but the most common way is to have a facilitator control the scenario. Tabletop exercises are often most suited to managerial positions, developing and testing communication, control and process, but require some technical input.

Tabletop exercises may include games and breakout sessions to further refine plans, policies and responsibilities. They provide a quick and economical way to check how an organisation would react to a cyber incident.

clipboard with simple game shown on it


Functional exercises test a response to a real input; a good non-cyber example is a fire drill. Cyber functional exercises can be conducted on the production network, or in a simulated 'range' environment. They allow attackers and defenders to practice and develop new skills, as well as test new software and tactics in a safe environment. They can also be used as an assessment tool for new SOC analysts or penetration testers.

  • blue textured material
  • Cyber exercising, red teaming and pentesting

  • You may have heard of red teaming or pen testing but what exactly is a cyber exercise and how is it different?
  • Learn more ->

Exercise scale

Exercises can allow a whole organisation, and even multiple organisations, to be tested together. This allows for more realistic incident response scenarios.

However before trying a large scale exercise it is prudent to test smaller groupings first. Once these groups have a proven level of competency then they can be exercised together.

diagram showing exercise scale progression, starting with one item, then to three, then three groups of three.

NIS Directive

The Network and Information Systems (NIS) Directive came into UK law on 10 May 2018 and applies to Critical National Infrastructure (CNI). The Directive applies to the energy, transportation, healthcare, drinking water and digital services sectors.

Each sector has a nominated Competent Authority (CA) to oversee the Operators of Essential Services (OES). The National Cyber Security Centre (NCSC) has been appointed as the technical authority for the Directive. The NCSC has written a number of guidance documents on how to comply with the Directive and has identified exercising as a key activity.

Find out if the NIS Directive applies to your organisation

Cyber exercises, red teaming & pentesting

Cyber security can be confusing particularly if you are engaging with the area for the first time. One of the sources of confusion is the variety of products and services on offer that all seem the same or at least very similar. Penetration testing (aka pentesting), red teaming and cyber exercising are three such services that can be easily confused. This article will aim to describe the similarities and differences between these three services. All three are tools, and useful ones at that, but they must be used in the right place, at the right time and in the right manner.

Continue reading