Site navigation

SBRC Updates ‘Exercise in a Box’ Programme to Tackle Ransomware Threats

Ross Kelly


Exercise in a Box

Ransomware attacks have hit the headlines again following significant attacks on public and private sector organisations across the UK.

In response to the growing risk of ransomware attacks, the Scottish Business Resilience Centre (SBRC) has made a significant update to its ‘Exercise in a Box’ programme which it has been running with businesses across Scotland since late 2020.

In addition to its ‘Working from Home’ scenario – which has already been delivered to many businesses in Scotland – the SBRC has launched the NCSC’s ‘Phishing attack that leads to a ransomware infection’ scenario.

The programme delivers workshops aimed at bolstering cyber resilience and allows participants to explore various scenarios to test their cyber response in a safe, controlled environment.

As part of the new scenario, which is available to Scottish businesses from later this month, workshops will examine how an organisation would experience a phishing attack that leads to a ransomware infection.

This particular scenario will test how users can detect and respond to phishing attacks, as well as what security controls are implemented to limit the impact of ransomware infections when they do occur.

Businesses that attend the free, 90-minute workshop will be able to test how well they would cope if they were infected with ransomware and gauge the effectiveness of their current backup solution.


Jude McCorry, CEO of SBRC, commented: “The extension of the scenarios explored within our workshops provide businesses with more opportunity than ever to extend their cyber resilience.

“While news around Ransomware infections has increased recently, businesses must feel reassured that these types of attacks are by no means the most popular type of cyber-attack. However, as part of increasing the resilience of a business, organisations must be informed and prepared for any eventuality.”

Delivered with support from the Scottish Government, SBRC’s cyber team are continuing to run these sessions virtually with input from Police Scotland and other stakeholders. Participants will gain a range of skills allowing them to continue refining their cyber resilience policies in their own time.

McCorry added: “The Exercise in a Box workshops have so far received extremely positive feedback from attendees. The specificity of the scenarios which are explored provides attendees with the opportunity not only to see how they might respond to such a situation but also hear how others might, which opens their mind to new approaches and processes.

“Given that businesses continue to face a bumpy road to recovery, I encourage all to attend this free programme to ensure that cyber resilience is one area of the business owners don’t need to be concerned about.”

The workshops specific to the Ransomware scenario are taking place on the following dates:

  • Tuesday 23 February
  • Tuesday 2 March
  • Wednesday 10 March
  • Wednesday 17 March

Additional regional sessions specific to the Ransomware scenario will also be held on:

  • Tuesday 23 March – Fife
  • Wednesday 24 March – Dundee
  • Tuesday 30 March – Aberdeen

Further information on Exercise in a Box workshops – which are delivered via Zoom or Microsoft Teams – are available on the SBRC website here.

Ross Kelly

Staff Writer

Latest News

%d bloggers like this: