This course immerses learners in a simulated ransomware crisis affecting a public sector organisation. Participants analyse compromised assets, determine regulatory notification obligations under NIS2 and GDPR, and coordinate containment and recovery actions. Using structured tools such as an Asset Panel, Risk Management Matrix, Watch Board, and Report Builder, learners prioritise responses, manage communication with stakeholders, and produce crisis reports for executives and public audiences. The exercise emphasises incident response decision-making under pressure, regulatory compliance, and risk management. By the end of the scenario, participants understand how preparation, asset classification, and coordinated communication influence the effectiveness of an organisation’s response to ransomware incidents.

This serious game focuses on cybersecurity leadership and governance responsibilities typically associated with the CISO role. Learners analyse an organisation’s cybersecurity posture through multiple panels representing network infrastructure, business services, stakeholders, and emerging threats. Participants prioritise hardening actions, allocate limited budgets, and improve the security state of services with high business impact. The game also requires learners to communicate decisions through governance reports and briefings to internal and external stakeholders. By combining risk management, strategic planning, and stakeholder communication, the course teaches participants how cybersecurity leadership integrates technical security actions with organisational priorities and long-term security maturity strategies.

This course introduces the strategic and operational challenges associated with transitioning organisational cryptographic systems to post-quantum cryptography. Learners analyse the security posture of network services and identify systems that may be vulnerable to future quantum attacks. Through simulated decision-making, they design and apply migration strategies toward quantum-resistant cryptographic mechanisms while balancing budget constraints, operational risks, and business priorities. The exercise emphasises crypto-agility, risk management, and governance communication with organisational stakeholders. By the end of the session, learners understand how to plan and justify a post-quantum transition strategy and communicate its necessity within a broader cybersecurity management framework.

This course simulates a complex cyber incident affecting critical infrastructure. Learners investigate suspicious activity across multiple network segments, analyse evidence of a potential insider threat, and coordinate a multi-department response. The scenario follows the NIST incident response lifecycle and requires participants to perform detection, containment, eradication, and recovery actions in the correct sequence. Participants also assess legal and regulatory notification requirements under NIS2, GDPR, and other obligations. The exercise emphasises cross-functional crisis coordination involving technical, legal, HR, and communications teams. Learners generate executive reports, regulatory notifications, and public communications while balancing operational continuity and risk mitigation.

This course provides a realistic simulation of a cybersecurity audit engagement. Participants define the audit scope, collect evidence, and evaluate technical, organisational, and business process controls across an organisation. Using auditing tools and structured evidence repositories, learners analyse systems, identify control weaknesses, and map findings to recognised frameworks such as ISO 27001, NIS2, and CIS Controls. The simulation emphasises evidence-based analysis, audit independence, and ethical professional conduct when facing organisational pressure. Participants produce formal audit findings and generate an executive audit report summarising compliance gaps, risks, and remediation recommendations. The course teaches practical audit methodology and risk-based compliance assessment.

This course trains learners to interpret and operationalise cyber threat intelligence in organisational decision-making. Participants analyse threat feeds, correlate intelligence indicators with system states, and determine how emerging threats affect organisational risk exposure. Through scenario-based exercises, learners prioritise defensive actions, communicate threat intelligence insights to stakeholders, and align operational responses with strategic security objectives. The course highlights the role of situational awareness in cybersecurity governance and demonstrates how timely interpretation of threat intelligence can support proactive defence and resilience planning within an organisation.

This course focuses on organisational cyber-risk assessment and resilience planning. Learners evaluate business services, identify critical dependencies, and assess the potential impact of cyber incidents on organisational operations. Through structured decision-making activities, participants prioritise risk treatment options, balance security investments against operational needs, and develop resilience strategies aligned with business objectives. The exercise emphasises risk-based decision-making, governance reporting, and the integration of cybersecurity considerations into organisational strategy. By completing the scenario, learners understand how cybersecurity risk management supports long-term operational resilience and informed executive decision-making.

This course explores cybersecurity governance at the executive level. Learners assume strategic roles responsible for aligning cybersecurity initiatives with organisational goals and regulatory obligations. Participants analyse security posture indicators, review governance reports, and make strategic decisions regarding investments, policies, and risk management priorities. The simulation requires learners to balance technical security improvements, compliance requirements, and stakeholder expectations. By generating executive briefings and governance documentation, participants practice translating technical security information into strategic insights for decision-makers. The course emphasises leadership, governance accountability, and the integration of cybersecurity into organisational management processes.

A table-top exercise where participants analyse cryptographic deployments, identify implementation failures, and design secure architectural or governance improvements to ensure resilient cryptographic controls, compliance, and coordinated organisational response when security mechanisms fail

An immersive cyber crisis game where teams defend hospital operations, prioritise patient safety, manage ransomware disruption, coordinate stakeholders, allocate scarce resources, and make time-critical decisions during escalating incidents under pressure.