Where and when did the programme take place?

Jeopardy June was a cybersecurity technical exercise event hosted exclusively for a public-sector health organisation on June 27 and 28, 2024. 

Participants across the account were invited to participate, bringing together a variety of individuals across different trusts to investigate and analyse a compromised network of a fictitious organisation using Immersive Labs’ Team Sim module. 57 participants from 50 different trusts came together across eight teams to participate in the first Immersive Labs Technical Exercise.

Program goals

• Support the organisation in meeting future challenges and better utilising resources and expertise across the country to defend against cyberattacks, aligned to the cyber futures strategy.
• Enable national collaboration and provide commonality regarding technical exercises from the SOC to regional cyber team members.
• Benchmark National Technical Cyber capability.
• Empower the organisation to realise its benefit vision to ‘the leaders in cybersecurityʼ.

Visual representation of the programme

 

 

Preparation for the event

Kickoff call and planning – Exercise options were discussed with the service owner, and a timeline was created to ensure deliverables stayed on track.

Structured onboarding – Individuals were assigned to teams at random, with the exception of one team dedicated to the Security Operations Centre (SOC). Each team was named after notable figures in UK healthcare history. 

Preparation labs – Before the exercise, participants were assigned a set of curated labs to complete. These labs helped users familiarise themselves with the exercise tools and key security investigation concepts. The focus was on cyber defence, with the labs aligned to the Team Sim catalogue, incorporating tools like Velociraptor and skills relevant to SOC analysts, such as log interrogation.

Orientation and briefing – Immersive Labs hosted a team briefing where the Team Sim interface was shown to help participants understand how to use the platform and what to expect in preparation for the event. The session also included hints and tips for the exercise approach.

The Event

Exercise

The event was held across two slots to ensure that participants could fit the session in and around their day-to-day roles. During the exercise, Immersive Labs Cyber Resilience Advisors and technical specialists were present to support the teams.

Results

 

Of the 8 teams taking part, 3 teams finished the exercise within the allocated time, which was beyond expectations. 3 more teams out of the remaining 5 persevered to complete the exercise beyond the allotted time, showing true dedication.

All teams demonstrated great teamwork, communication and brought a collaborative culture to the exercise. There was a clear desire for more cross-trust events.

The exercise showed that the organisation has skilled talent across its national structure, capable of defending against cyber threats. Perhaps even more significant was the participants' drive to support one another and complete the team simulation, despite never having worked together before.

Participant highlights

Top common themes:

1. Teamwork: Working with people from different backgrounds and experiences and learning from them.
2. Different trusts: Meeting and working with people from different trusts and organisations, and seeing the talent across the country.
3. Real-world simulation: Experiencing what a cyber investigation involves, and working through a real-world scenario.

 

Reflections from a Cyber Resilience Advisor

What stood out to me was how the organisation's commitment to cyber resilience enabled a national-level exercise across a large, federated structure with varied capabilities. By preparing participants and fostering collaboration, leaders and coaches broke down silos and shared knowledge effectively.

Collaboration reached new heights, forming a network of skilled individuals ready to unite during future cyber incidents. Now, they are better prepared and equipped to protect their patients.

Immersive Labs' innovative product set made this national exercise possible. I’m proud to be part of a team that offers an evolving and uplifting resilience training solution.

What’s next

This organisation has a strategic programme across the Immersive Labs platform utilising the entire enterprise product to improve and evidence resilience. 

Following the post-event review, we’ve launched Tech EX 2025, with 15 programmes set for H2 to enhance resilience and meet future compliance needs. This isn’t a one-off exercise, but a continuous process focused on "what’s next".

Share your thoughts

Have you planned or hosted a similar event using Immersive Labs? Tell us about it here!

How many interactions do you have with personnel outside of your local business area? When was the last time you worked with someone from a different team to ensure that challenges were overcome?