Emergency decisions of a CIO at the FH Aachen
This year, we were once again guests at the FH Aachen to present the various opportunities for working at Complion to students. To illustrate the daily project routine, the students were invited to dive straight into the middle of things instead of just watching: it was time for a decision-making processes during a hacker attack.
For the fourth year in a row, we were back last week at the "Experts meet Youngsters" event hosted by Department 5 at FH Aachen. Companies presented (online for COVID-safety) expert lectures focusing on IT management and IT security. Roman Scholtysik as alumni of the FH Aachen, Dirk M. Ockel, Tobias Philipsen as well as Lea Mühlenschulte were "on air" for Complion. In order to present the various opportunities to work at Complion, a topic at the interface of IT management and IT security was chosen. As a measure against online meeting fatigue, we had an interactive story-game in tow, which covered emergency decisions of a CIO in a "Choose Your Own Adventure" format. Depending on the decision made, the presentation would take a different course.
The adventure begins
After introducing Complion, we began our adventurous journey. For the students' voting we used Mentimeter, a tool that can anonymously display votes via the browser without requiring a login - thus also IT security compliant! Depending on the path with the most votes, emergency calls would be made. First, the company was presented: a toy manufacturer that has modern toys, but an outdated IT department.
A ransomware attack by a professional hacker group was simulated, to which the students now had to react. The first decision to be made was who should be informed first: the IT department, the legal department, external forensic experts to search for clues, the CEO or an external PR company to save the company's image. The majority of those present decided to call the IT department to scan the corporate network for malicious actors and anomalies, and so the simulation took its course.
Now the question was what to do: notify the authorities, coordinate the communication strategy at Governance, Risk & Compliance (GRC), inform the board of directors or simply pull the plug on the entire operation? After several rounds of decision-making, including story twists, the students managed to save the company.
Direct exchange
After the presentation, the students were able to ask further questions. We also talked about where Complion can provide support in the scenario of a cyberattack. With our diversified team, we can support companies in (almost) any situation. The case described in the game is even based on a real client example. Thus, there is a suitable position in the team for both IT security and IT management at Complion.
Have we sparked your interest to experience adventures in the real world with us? Feel free to contact us.
You can find more information under COMPLION | Who are we looking for?
Author: Lea Mühlenschulte