UK Finance and EY present our Cybersecurity Incident Simulation Exercise

Early 2019 (TBC)

Is your board ready for a cyber-attack?

Cyber-simulation exercises are recommended as a means of testing your plans to manage the aftermath of a cyber-attack. This simulation organised in conjunction with EY, provides an opportunity to take part in a UK Finance member specific exercise, designed to test your incident management capability.

This highly engaging, interactive and immersive half-day simulation will enable your board to experience what it is like to respond to a sophisticated cyber-attack, thereby increasing their level of awareness and gauging their readiness to manage a cybersecurity incident.

Click here to read the EY Cybersecurity Incident Simulation Exercises brochure

The simulation, conducted in a safe environment at the EY office in Canary Wharf, is an intense, real-time exercise designed to replicate a critical cyber-attack. During the simulation multiple events will occur that will impact you and your board. These ‘injects’, are presented within the exercise using a variety of methods. You and your board must consider all information received, assess, understand and prioritise it, and take appropriate actions if pertinent. Throughout the session, the situation further unfolds, driven by your reactions and responses, as well as inputs from traditional and social media alike.

The package includes

  • a half day simulation exercise based on a realistic cyber-crisis scenario developed by EY and UK Finance, which will include technical, operational and reputation challenges.
  • feedback for each participating team from EY consultants observing the exercise.
  • a follow up report by EY on the exercise, focusing on the key learning points for participants to take away.

By the end of this simulation you and your board will:

  • experience first-hand how to assess, decide, engage and communicate during a cybersecurity crisis.
  • identify possible gaps between your procedures and your team’s actual behaviour
  • recognise the right priorities and actions needed to dramatically improve your crisis response capabilities
  • appreciate how to take decisions and execute the right actions necessary to return the situation to a manageable state

Your lead facilitator 

John Milne is an EY Director within the financial services IT and Cyber Risk practice. John joined EY from the Bank of England, where he led the Operational Resilience Team, and was previously at the FSA. John was responsible for rolling out the world-leading Market-Wide Exercise (MWE) programme, which included two major cyber exercises: Waking Shark (2011) and Waking Shark 2 (2013), both of which have won industry awards in recognition of their contribution to enhancing financial sector cyber resilience. In addition, John established a comprehensive support programme for the supervisors of the major financial firms, to help them understand and assess the operational resilience issues within their firms.

Book now

Only five organisations can attend this simulation. Tickets cost £5,000 (+VAT) per team of up to five individuals. To register your interest in this event, please email



Cybersecurity Incident Simulation Exercise
Workshop Details

25 Churchill Place, Canary Wharf
E14 5EY

Start Date: 1st March 2019
End Date: 1st January 1970

Only five member organisations can attend this simulation.

Tickets cost £5,000 (+VAT) per team of up to five individuals. Early 2019 (Date TBC)