Free Cyberattack Simulation Series

hands typing on a laptop with a transparent overlay of security information

In light of the growing use of technology in behavioral health care and the increasing threat landscape, the National Council has teamed up with the Professional Development Academy to provide a one-time, no-cost benefit exclusively for National Council members. Through this limited partnership, we are providing the tools to help our members build a resilient cybersecurity posture, stay ahead of emerging threats and maintain the trust and confidence of their patients and stakeholders.

The reality-based cyberattack simulations prepare providers for cyberattacks by assessing their current state of readiness and identifying gaps. These simulations will help attendees evaluate their incident response procedures and tools and guide them in developing a detailed cyberattack response strategy.

Available Training Dates

June 19-23, 2023: Internet of Things

The Internet of Things (IoT) is shorthand for the network of physical objects (things) that are connected by sensors and software that retrieve and provide data to other connected devices — and people, as well. It keeps us connected in our homes, offices, around the city and beyond — in some cases far beyond with the use of drones, cloud applications and satellite computing. This simulation focuses on the possible value and risks associated with cybersecurity of IoT. Organizational leaders who want to increase data stewardship, safety and security should participate in this simulation.

Sept. 11-15, 2023: Ransomware

Ransomware attacks have become a growing concern in recent years and the threat of significant damage to finances and reputations of people and companies has caused many sleepless nights among risk managers and organizational leaders. This simulation focuses on preventing damage and provides the necessary steps to respond appropriately if/when you find yourself in a ransomware situation. Do you know the first three steps you would take immediately if critical assets and files of data were held ransom? Do you know the first three plays to run from your playbook if your organization was unable to operate because you were being held ransom? Do you have a playbook? Do you know the first three people to call? This simulation will help you validate any playbook or business continuity plan you have in place today and help you build one if you don’t have a plan. Join your peers to increase your defense readiness and risk response preparedness in the fight against cyberattacks.

Dec. 4-8, 2023: Employee Management

When it comes to cyber-readiness — preparedness, resilience, defense and response — people are the perimeter. People are also among the weakest links when it comes to cyberdefense. For this reason, we constantly engage in conversation about cyberthreats, periodically test our cyberawareness and engage in what-if scenarios with staff regarding cyberalertness, vigilance and best practices. While defenders against cyberattacks need to be right all the time, cyberattackers use volume and persistence in their effort. Using increasingly clever tactics, they hope to create a momentary lapse in judgement that results in someone clicking a phishing link or downloading an encrypted file of malware that puts them, the company and customers at risk. This last simulation of the year focuses on employee resilience — providing insights into policies, procedures and practices that you can immediately implement to increase your cyber-readiness.

Course Objectives

  • Provide a certified test of incident management plans.
  • Baseline current cybersecurity and risk management work capabilities.
  • Strengthen the leadership skills of managers responsible for risk planning and incident resolution.
  • Improve the quality of the incident management plans and playbook details.
  • Develop immediate action plans to strengthen people, process and technical security controls.

Who Should Participate?

The cyberattack simulation is suitable for members of your practice’s IT team and those responsible for risk defense, protection and recovery, as well as HR, policy management, finance, public safety and emergency services.

What Is the Time Commitment?

The program takes 30-60 minutes daily for one week. It is available online and can be completed at your own pace, making it a flexible and convenient option for staff.