Business Continuity Management / Disaster Recovery
,
Events
,
Governance & Risk Management
Semperis’ Hodgkinson and Rachman on Tabletop Exercises and Continuity Plans
Cyber incidents aren’t just technical problems. “We often talk about cyber crisis, but there’s not really a cyber crisis. It’s a business crisis. Cyber is just a trigger for a business-impacting event,” said Simon Hodgkinson, strategic advisor at Semperis. These business crises demand a comprehensive organizational response.
See Also: Enterprise Browser Transforms App Delivery and Compliance
The first 24 hours of any crisis are always chaotic, but organizations can better prepare for it through regular tabletop exercises and continuity plans. The continuity plans, often designed to sustain 24- to 48-hour disruptions, must be reset for prolonged technology outages that could be triggered by cyber events.
“Attackers try to hit those internal communication systems as soon as possible because they know that once they do that, the defenders will have their work so much harder,” said Yossi Rachman, director of security research at Semperis. Organizations must therefore build offline communication capabilities and ensure their response frameworks can operate independently of compromised digital infrastructure.
In this video interview with Information Security Media Group at Infosecurity Europe 2025, Hodgkinson and Rachman also discussed:
- Why organizations must treat resilience as a companywide priority;
- Best practices for maintaining employee engagement and communication during prolonged outages;
- How Semperis’ Ready1 platform enables offline crisis communication capabilities.
Hodgkinson, former CISO at bp, has led global cybersecurity strategy, threat operations and incident response. He now advises Semperis on breach readiness and cyber resilience across North America and Europe.
Rachman has more than 15 years of offensive and defensive cybersecurity experience, leading research teams and managing hundreds of DFIR and red team operations. He’s also an expert in social media abuse by nation-states and advanced threat actor tactics and defenses.
