Inside Incident Response: Turning Chaos into Cohesive Teamwork
Our latest episode brings in security expert Iain Pye, who shares military tales with me, your host James Rees, about what really happens when everything goes wrong. We get stuck into the nitty-gritty of incident response - the sleepless nights, the pressure from executives, and how to keep your team going when they're running on fumes.
From ransomware attacks to system meltdowns, we chat about war games and escape room scenarios, exploring how organisations can build proper resilience rather than just ticking compliance boxes. We dig into why most incident response plans gather dust in drawers and what happens when you actually need to use them. Iain brings a refreshing military perspective to corporate incident management, showing how battlefield experience translates surprisingly well to handling information security crises.
Whether you're dealing with compromised systems or insider threats, this episode packs practical wisdom for those moments when everything falls apart.
3 Key Talking Points and Reasons to Listen:
Building Resilience Through War Games: Discover why military-style drills and wargaming are crucial for effective incident response. Iain and I explore how regular team exercises - from realistic ransomware scenarios to creative "zombie apocalypse" simulations - help build the muscle memory and team dynamics needed when real crises hit. We share practical examples of how to run these exercises effectively.
Managing Team Stress in a Crisis: Learn the critical importance of managing your team during long-running incidents. We break down the practical aspects often overlooked in incident response plans - from implementing proper shift patterns to ensuring your team stays fed, rested and functional during multi-day crises. Find out why pushing your team to exhaustion is a recipe for disaster.
Turning Incidents into Improvements: Understand why post-incident analysis is where the real value lies. We discuss how to turn incident learnings into actionable improvements, including how to leverage serious incidents to secure necessary budget improvements. Learn why the "five whys" methodology is essential for preventing future incidents and strengthening your security posture.
On building muscle memory through repeated training:
"It's drills essentially. It’s doing the same thing over and over again and having that natural reaction. So you train your body - your mind, essentially - so if the proverbial poo does hit the fan, you can react in the right way and in accordance with what your SOPs [Standard Operating Procedures] might be."
Iain Pye
Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
In this episode, we covered the following topics:
- Military Training for Incident Response: Learn how military-style drills can transform your team's ability to handle high-pressure security incidents with confidence and precision.
- Importance of Incident Response in Infosec: Master the essential skill of incident response and protect your organisation from data breaches and ransomware attacks effectively.
- Human Reactions to Emergencies: Discover practical techniques to keep your team calm and focused when emergencies strike, avoiding costly panic-driven mistakes.
- Role of Team Trust: Build unshakeable team trust that enables swift, coordinated responses during critical incidents.
- Communication During Incidents: Develop clear communication strategies that keep stakeholders informed and confident during crisis situations.
- War Games for Preparation: Create engaging war games and scenarios that prepare your team for real-world incidents while building stronger team dynamics.
- Impact of Incident Stress on Teams: Protect your team from burnout during long-running incidents with proven strategies for managing stress and fatigue.
- Lessons Learned Post-Incident: Turn every incident into an opportunity for improvement by conducting effective post-incident reviews that actually strengthen your security.
- Importance of Documentation and Reporting: Create documentation and reports that drive real change and secure essential resources for your security programme.
- Scenario Planning for Various Risks: Build comprehensive scenario plans that prepare your organisation for any crisis, from common incidents to worst-case scenarios.
Connect with your host James Rees
Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.
For more information about us, or if you have any questions you would like us to discuss, email podcast@razorthorn.com.
If you need consultation, visit www.razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.