Digital Fortress
By Simvado
Your company discovers a massive data breach affecting 12 million customers. Lead the cross-functional response across legal, technical, communications, and executive teams. Every hour of delay costs $2.4 million in regulatory exposure.
Environment Gallery
Scenario Overview
It starts with an anomaly. A junior security analyst at Vanguard Health Systems notices that a database query pattern does not match any authorized application. Within an hour, your security team has confirmed the worst: an unauthorized actor has been exfiltrating data from the company’s patient records database for at least seventeen days. The breach affects 12 million customers across six states, and the stolen data includes names, addresses, Social Security numbers, medical histories, and insurance information. This is not just a data breach — it is a HIPAA violation, a class-action liability, and an existential threat to the company, all wrapped into one.
As the VP of Security and Compliance, you are now the most important person in the building. The CEO needs answers for the board by tomorrow morning. The General Counsel is calculating regulatory exposure that already exceeds $28 million and climbing at $2.4 million per hour of delayed notification. The CISO is locked in a war room trying to determine whether the attackers still have active access. And the head of communications has a draft press statement on your desk that your legal team says will create more problems than it solves.
You have seventy-two hours before mandatory breach notification deadlines begin to expire. In that window, you must confirm the scope of the breach, contain any ongoing unauthorized access, develop a legally defensible notification strategy, prepare the CEO for a press conference, launch a customer support operation, and coordinate with the FBI’s cyber division — all while the attackers may still be watching your every move from inside your own network.
Skills Developed
Learning Objectives
- 1Lead a cross-functional incident response team spanning security, legal, communications, and executive leadership
- 2Navigate complex regulatory requirements including GDPR, CCPA, and sector-specific breach notification laws
- 3Preserve forensic evidence while simultaneously containing an active breach and maintaining business operations
- 4Develop and execute a multi-channel communication strategy for customers, regulators, media, and internal stakeholders
- 5Quantify breach impact in financial and reputational terms to inform real-time decision-making and resource allocation
Scoring Dimensions
Every decision you make is scored across five leadership dimensions.
Modules (4)
Breach Discovery
Free Demo20 min
The security team discovers unauthorized access to customer databases. Assess the scope, determine the attack vector, and initiate the response plan.
Legal & Compliance
20 min
GDPR, CCPA, and sector-specific regulations impose strict notification timelines. Work with legal to navigate the regulatory landscape while the investigation continues.
Technical Containment
20 min
Plug the breach without alerting the attackers or disrupting service. Preserve forensic evidence while securing systems against continued exploitation.
Public Response
20 min
Draft the public disclosure, prepare the CEO for press conferences, and launch the customer notification campaign. Your response defines the company’s future.
More Simulations
Ready to start training?
Create a free account to play your first simulation module. Upgrade to Pro for unlimited access to every scenario in the library.