← Back to home№ 01·CATALOGUE

Nine types
of really bad day.

Every scenario in our library belongs to one of nine enterprise-risk categories. Pick one to see the mission-control hero you'll launch from — then browse the full set in the carousel below.

Technology& CyberHealth& BiologicalEnvironmental& NaturalGeopolitical& PoliticalFinancial& EconomicOperational& Supply ChainPeople& SafetyReputational& LegalThird Party& ConcentrationIR.app
→ #technology_cyber
Technology & Cyber
№ 02·MISSION CONTROL

Technology & Cyber console

IncidentResponse.App//SITUATION ROOM//GLOBAL DATA FLOWS
NODE 33LINKS 14POSTURE · NOMINALUTC --:--:--
Try our interactive tool to see how vulnerable we all are
We have never been so reliant on technology, or indeed so interconnected, and are therefore more vulnerable to cyber attack than ever before. This applies to all sectors. Every financial sector organization, for example, is now totally digitized and is in effect a technology firm in all but name!We have never been so reliant on technology, or indeed so interconnected, and are therefore more vulnerable to cyber attack than ever before. This applies to all sectors. Every financial sector organization, for example, is now totally digitized and is in effect a technology firm in all but name!
TERRESTRIAL LINK
UNDERSEA CABLE
COMPROMISED FLOW
DATA HUB
Any organization that holds the personal information of even one EU citizen is subject to GDPR, which mandates not only data protection and cybersecurity, but also the regular assessment and testing of systems and processes. Try IncidentResponse.App to test your preparedness and ensure that your organisation is not only compliant, but ready for anything!Any organization that holds the personal information of even one EU citizen is subject to GDPR, which mandates not only data protection and cybersecurity, but also the regular assessment and testing of systems and processes. Try IncidentResponse.App to test your preparedness and ensure that your organisation is not only compliant, but ready for anything!
BRIEFING
How vulnerable is your organisation?
How ready is your team to respond to an incident?
Do you want to put them to the test?
Are you ready to see how you would all cope?
Time to play IncidentResponse.App!
LIVE
№ 03·LIBRARY

All nine, at a glance.

0103 / 9
01

Technology & Cyber

Ransomware, deepfake fraud, supply-chain compromise, regulator scrutiny.

SAMPLE INJECTS
  • Insider threat
  • Regulatory investigation
  • Media leak
  • Supply-chain compromise
02

Health & Biological

Pandemic onset, foodborne outbreak, lab incident, duty-of-care escalation.

SAMPLE INJECTS
  • Workforce absenteeism cascade (critical roles unstaffed)
  • Regulatory notification failure (late reporting to health authorities)
  • Whistleblower going public on safety conditions
  • Secondary outbreak at a second site or among customers
03

Environmental & Natural

Flood, fire, storm, contamination — and the regulatory tail that follows.

SAMPLE INJECTS
  • Secondary infrastructure failure (power, water, comms knocked out)
  • Regulatory breach triggered by the event (permit exceedances, pollution release)
  • Supply chain rupture from geographically concentrated suppliers
  • Insurance coverage dispute or exclusion invoked
04

Geopolitical & Political

Sanctions, evacuations, sovereign counterparty default, asset seizure.

SAMPLE INJECTS
  • Sudden sanctions exposure freezing assets or transactions
  • Local staff safety and evacuation requirements
  • Sovereign counterparty default or contract repudiation
  • Secondary sanctions from a third country (US extraterritorial reach)
05§

Financial & Economic

Covenant breach, run on liquidity, rating downgrade, short-seller campaign.

SAMPLE INJECTS
  • Covenant breach triggering loan acceleration
  • Auditor qualification or going-concern warning
  • Credit rating downgrade cascading into higher funding costs
  • Key customer or supplier insolvency domino
06

Operational & Supply Chain

Single-source rupture, port bottleneck, quality defect during workaround.

SAMPLE INJECTS
  • Single-source supplier with no qualified alternative
  • Contractual penalty clauses triggering with customers
  • Logistics bottleneck at ports, borders, or distribution hubs
  • Quality or safety defect discovered during workaround
07

People & Safety

Fatality, safety-regulator investigation, families on the doorstep, criminal exposure.

SAMPLE INJECTS
  • Fatality or serious injury escalating to safety-regulator investigation
  • Criminal proceedings against individuals or the corporate entity
  • Family and next-of-kin communications mishandled
  • Media doorstepping staff or families
08

Reputational & Legal

Regulator probe, class action, leaked Slack, ESG downgrade.

SAMPLE INJECTS
  • Regulator opening a formal investigation in parallel
  • Class-action or group litigation forming
  • Secondary leak of internal communications (Slack, email)
  • Executive departure or forced resignation mid-crisis
09

Third-Party & Concentration

Vendor insolvency, fourth-party surprises, escrow that doesn’t fire.

SAMPLE INJECTS
  • Contractual right-to-audit or step-in rights prove unworkable in practice
  • Sub-processor or fourth-party dependency surfaces unexpectedly
  • Data held hostage or inaccessible during vendor dispute
  • Concurrent failure affects peer firms (systemic concentration revealed)
START

Pick a type,
book a rehearsal.

Talk to us →Browse the scenario library