Congratulations!
You’ve put a stop to the breach.

Restart
Total elapsed time
3
Days
Information

Each second spent within BreachBreaker represents one day, since identifying and containing a breach takes, on average, 279 days according to the 2019 Ponemom "Cost of a Data Breach" report.

Total records breached
25262
Information

Data based on the average number of records compromised per breach according to the 2019 Ponemom "Cost of a Data Breach" report.

Total cost of the breach
$
89252
Information

Based on the average cost of a breach, according to the 2019 Ponemom "Cost of a Data Breach" report.

Your Breach Breaker Summary

1
1

Scenario One: Endpoint Detection and Response

Your Decision

Coordinate with the X-Force IRIS incident response team using the Vision Retainer.

Strengthen your readiness and response to cyber attacks with a incident response retainer.

When a cyber incident occurs, coordination and timing is everything. Not only should you have a tested response plan , but you should also have security experts ready to spring into action when you need them most.

1
2

Scenario One: Endpoint Detection and Response

Your Decision

Activate the incident response playbook.

Incident Response and Threat Intelligence

You have an incident response plan. But in an attack, does your organization understand exactly what attackers are doing? The experts at IBM do, and now you can also use threat intelligence to enhance security.

1
3

Scenario One: Endpoint Detection and Response

Your Decision

Research the IP address with my X-Force IRIS threat intelligence.

IBM Security Connect. Security evolved to grow your business.

With the increasing number of cybersecurity point solutions creating complexity that gets in the way of effective security, it’s time for a better way to connect your data, tools, and teams.

2
1

Scenario Two: Reporter Phone Call

Your Decision

Ignore the call until you have more details about the breach.

Get help from a team of security experts who are available on hand when you need them.

Organizations should have a trusted security provider on standby to help navigate each step — in the right order — of a security breach. Get help from a team of security experts when you them. They will be on hand right away to help you choose the right steps to decrease incident response times and minimize the impact of a security incident.

2
2

Scenario Two: Reporter Phone Call

Your Decision

Respond to the reporter with “no comment”.

Prepare for your next cyber security incident by improving your ability to respond.

Having the response strategy you need is vital in determining the next best step for your organization.

2
3

Scenario Two: Reporter Phone Call

Your Decision

Loop in the Communications team to handle the request.

When a breach happens, coordination and timing is everything. Not only do you need a tested response plan but you also should  having outside security experts standing by to help you each step of the way.

Disjointed incident response efforts will lead to overwhelmed teams who may or may not actually remediate the incident. You must be proactive and develop an incident response plan that has a security partner on retainer will improve response times, lower costs, and boost response effectiveness.

3
1

Scenario Three: C-Suite Walk In

Your Selected Sequence

Below is the order in which you took action.

Isolate the impacted endpoints or system.
Investigate the breach activity.
Recover affected platforms.
Contact security teams to change policy.

You’re under attack. Now live the response.

You took excellent steps in our Breach Breaker scenario, but now you can bolster your knowledge by training with an elite squad of cyber first responders, in a premier security training ground. Get the IBM X-Force Command Experience.

You’re under attack. Now live the response.

Although your choices were not in the ideal order, the IBM X-Force Command Experience can help you prepare for worst-case scenarios with intense, gamified drills based on real-world attacks, led by X-Force
Command experts who have first-hand knowledge from the front lines.

4
1

Scenario Four: Data on Twitter Feed and dark web

Your Decision

Immediately go on the dark web to confirm if the records are legitimate.

Use dark web analysis to augment your cyber security structure.

Dark web forums and marketplaces can be treasure troves of data on threat actor activities, motivations, and capabilities. Explore ways to understand if your sensitive information exists on the dark web and what you should do about it.

4
2

Scenario Four: Data on Twitter Feed & dark web

Your Decision

Pass along to the X-Force IRIS intelligence team to research the handle.

Hinder an attacker’s plan by combining threat intel with expertise.

Any determined attacker has a good chance of infiltrating a network. However, just because an attacker makes it through the front door, they don’t have to walk away with your proprietary data. To hinder an attacker’s ability to plan and launch a breach, it’s important to have an end-to-end incident response strategy in place.

4
3

Scenario Four: Data on Twitter Feed & dark web

Your Decision

Ignore (it’s clearly spam).

Understand a cyber attacker’s mindset.

Understanding what threat groups are after can help organizations protect digital assets and data. Attackers target a variety of data — from financial information, which can be sold on the darknet, to intellectual property, which can be sold for profit or used in corporate espionage.

To experience Breach Breaker on your mobile device, please rotate your device to the landscape position.