Community News Security

CLAW 2018: crisis in ‘Guilder’

Imagine… you’re part of the crisis management team of the NREN in the (fictional) country of ‘Guilder’. The crisis coordinator has called you and the entire team in the ‘war room’: a crisis has just hit your organisation. 200,000 students are set to take a nationwide test, but because of an unspecified glitch in your network,  the test is not yet available (it is not uploading) in some locations. To make matters worse, this test is very much in the country’s spotlight and in the eventuality of a cancellation due to network failure, the reputational damage for your NREN would be immense.

This was the case presented to more than 60 participants at the start of the tabletop exercise during GÉANT’s second crisis management and communications event, CLAW 2018, last week. Attendees were divided in teams of 12, comprising representatives from a variety of NRENs with NOC, CSIRT, communications and information security management backgrounds. Most participants had met the night before during a working dinner and, just before the start of the exercise, had undergone a training session on how to perform under pressure – as a team. Having said this, they had only been given half an hour to lay down some ground rules, decide on the different roles each member would play during the exercise and get through the crisis.

Each team dealt with the crisis in different ways. In order to get clarity on the events that were unfolding, some teams promptly started drawing timelines on the whiteboard. For one team in particular, incessant calls from the press and the authorities were the cause of so much frustration that the phone had to be temporarily disconnected. Another team blamed a different organisation for the network issue, leading their Ministry of Education to release the wrong information during a press conference. However, by the end of the exercise, all teams had figured out the root cause of the crisis and were well on their way to fix it, share official updates and issue press statements.

The exercise reminded participants of crisis management’s main components: how do you create clarity about what is going on; how do you decide what information is pertinent and what is not; and how can you make sure you communicate about a technical problem in such a way that it is understandable for non-technical people? We discussed these questions and many others in the lightning talks, show-and-tell and training sessions during the remainder of the event.

If you want to find more material about crisis management, crisis communication and how to organise your own crisis exercise, please visit the (restricted access) wiki pages:


Skip to content