Rehearse your response

We design and build realistic cyber exercises to test every part of your organisation.

From CSIRT to C-suite.

Independent, realistic cyber exercises

We understand that no two organisations are the same.

Whether you need a 60 minute introductory workshop, or a multi-day, multi-national wargame, we will always design and build scenarios which are specific and meaningful to your business. 

Exercise3 is a UK-based, NCSC assured cyber incident exercise provider. We doesn’t sell products or consultancy. We don’t partner with anyone else. This independence allows us to objectively construct exercises which will let you practice, evaluate and improve your cyber incident response plans in a safe environment. 


average data breach cost
$ 0 m
of organisations have suffered more than one breach
0 %
saved by testing IR plans
$ 0 m
days on average to contain a breach

What we offer

Our exercises typically fall into one of four stages described below, depending on the maturity of the organisation we’re testing and the specific desired outcomes. Some organsations start their cyber exercise journey with a workshop to get everyone on the same page. Others jump straight to a table-top or simulation exercise. For some clients we can alternate between annual simulations and war games to keep everyone on their toes and make sure that processes and procedures are evolving as threats change.

Nothing we do is ‘off-the-shelf’. Every scenario is designed to be realistic and relevant to your organisation, and every exercise facilitated by experienced professionals

Stage 1: Workshop

Our workshops are designed to educate in an informative and interactive way. Tailored specifically to your organisation we will debunk some myths and demystify some of the complexities that surround cyber attacks. We will also talk through some of the common pitfalls in handling cyber incidents, based on our own extensive first-hand experience.

Workshops are a great way of bringing together different teams from across an organisation, all of whom will have a part to play in a cyber incident. Typically lasting a couple of hours, they are intended for a non-technical audience who are starting to think about their cyber incident response planning.

Stage 2: Table-top exercise

Table-top exercises are intended to build awareness by exploring credible cyber incident scenarios in a safe, passive environment.

Facilitated by an experienced incident response professional, our discussion-based table-top exercises are based around scenarios relevant to your organisation. They are a great way to examine assumptions and test how all levels of the organisation will respond, from CSIRT to C-suite, over half a day.

Stage 3: Live play simulation

Live play simulations are a great way to safely rehearse your incident response processes within a realistic, active environment.

We construct a rich scenario, with numerous injects to represent a realistic cyber incident. Optionally using roleplayers to simulate media, regulator and client interest as your incident progresses,  our simulation exercises play out in close to real-time, providing an opportunity to explore strategies, examine assumptions and practice making difficult decisions under pressure.

Stage 4: War Game

The ultimate way to ensure that your organisation is prepared.

A war game provides the perfect opportunity to appraise cross-group involvement, stress-testing assumptions against the worst-case scenarios. Players will be immersed within a highly realistic, multi-day exercise where they will need to make tough decisions and then defend them to clients, partners and the media. Technical teams will be put through their paces, detecting, analysing and mitigating highly realistic threats which closely represent the latest tools and techniques used by sophisticated actors.

It’s as close to reality as most people would ever hope to get!

Some of our clients

Why exercise?

Test the process

Our exercises provide an independent, expert assessment of your incident response processes. We design simulations and scenarios which are specific to your business, using threats and vulnerabilities common in your sector to ensure a credible and realistic test.

Upskill your team

Does everyone know what to do in a crisis? Regular exercises will allow you to see improvement as your whole organisation gets better at responding to incidents.

Improve communication

Communicating with stakeholders during an incident is vital. Internal, external, customers, shareholders, investors, media... we can help you rehearse your messaging so you can communicate to effectively to every audience under pressure.

Culture of learning

Develop a culture of learning within your organisation, making sure that relevant teams and individuals are able to maximise their effectiveness during a cyber incident.

Learn from your mistakes

All of our services include a detailed, post-exercise report containing our observations and identifying any areas for improvement. Each report contains practical, actionable advice to help you improve your incident response processes and procedures.

Collect Metrics

Get an understanding of how long elements of incident response take by testing them in real time, allowing for better strategy and planning.


"Exercise3 have helped Williams be better prepared to respond to cyber incidents when they occur. Exercising your capability on a sunny Friday morning rather than in the midst of a crisis just makes sense!"
Graeme Hackland
CIO, Williams F1 Team
"Exercise3 have extensive knowledge of cyber security and cyber threats and always bring this through in training and exercises in a way that is clear, compelling and informative."
Rolls-Royce plc
"The involvement of Exercise3 in testing and assessing the airport's resilience to a cyber-attack has been invaluable. Their expert knowledge and meticulous attention to detail certainly opened our eyes. The scenarios were relevant, current and very thought provoking."
Roger Walker
Ops Director, Farnborough Airport

Let's have a chat

Whether you need to rehearse how your senior leadership team handles a cyber crisis, understand how resilient your business is to ransomware, or test whether your security operations centre really can detect and respond to threats effectively, we’re here to help.

Every business is different, so we create scenarios which are meaningful and unique to your organisation. All of that starts with a discussion, from one human to another.

Get in touch, and let’s start talking.