Table-top: How to Respond to Ransomware-as-a-Service and Attacks by AI

Join us for a tabletop exercise simulating a real-world ransomware attack. As the scenario unfolds, participants will make real-time decisions on incident response, escalation and recovery, mirroring the pressures of an actual cyber crisis. The exercise will also examine regulatory obligations triggered by cyber incidents, including vulnerability handling and incident notification requirements under the NIS2 Directive, the Digital Operational Resilience Act and the Cyber Resilience Act. In addition, the session will address how evolving EU cyber policy—such as proposed amendments under the EU cyber package—may further shape compliance expectations. Participants will leave with a clearer understanding of how to implement incident response, meet regulatory timelines and tailor strategies to their sector’s specific risk profile.

What you will learn: 

• Practice decision-making during a realistic ransomware scenario across different industry contexts. 
• Learn key reporting and response requirements under NIS2, DORA and the Cyber Resilience Act. 
• Translate EU cyber rules into practical steps for handling, escalating and recovering from cyber incidents under pressure.