Feature Focus: Introducing the AI Scenario Generator
In this blog, we’ll cover what this feature is and how you can use it. For this release, we’ve made creation as easy as possible. Just click Create with AI, add a title, and select options for organisational sector, attack vector, threat actor, and scenario size. This will generate a full scenario, from the briefing to the epilogue. You can even make a cuppa while it works!🪄✨ Once created, these scenarios can be published or edited and published in your organisation's catalogue. But how exactly does it work? Organisation admins can turn the AI Scenario Generator on and off in the platform settings area, so you’ll need this to be turned on if you want to try it out! Our AI Scenario Generator is currently only available to our Cyber Crisis Simulator customers. It’s based on technology provided by OpenAI, with generations based on publicly available data related to crisis management as well as our own Immersive Labs Crisis Sim catalogue. Organisation admins can choose to use the feature in a layered approach: No AI access at all: This means that your organisation has chosen not to enable the AI Scenario Generator. Without scenario sharing enabled: You can generate AI scenarios based only on the inputs shown in the generation box. With scenario sharing enabled: The AI will access specific parts of your previously published scenarios when generating new ones, ensuring the new scenario is highly relevant to your context. These settings can be updated on the organisation's settings page. If you’re keen to use the AI Scenario Generator but it’s not enabled in your organisation, you’ll need to discuss this with your internal Organization Administrator. If you’re an Organization Administrator and want to know more about the feature, contact your CSM. Tell me more about scenario sharing! If your organisation chooses to also enable scenario sharing, Immersive Labs will include specific information from any previous custom scenarios that you’ve published in the temporary “context window” for requests to our third-party AI vendor. A "context window" is an extension of the query sent to an AI model. It exists only during the processing of the query and isn’t saved by any third parties. The third-party AI vendor won’t use any of the information you share to train its models. Shared data will only ever be included in this temporary "context window" of generation and won’t be stored by the third-party AI vendor. The shared information includes scenario titles, descriptions, inject titles, and response options. It excludes feedback to response options, exercise information, reporting, account or organisation information fields, or metadata. Scenario sharing is designed to make the generated scenario more relevant to your particular context. You can still create scenarios using AI without scenario sharing, but your scenario will likely be more generic and less relevant to your particular organisational context. However, you can still edit the final version to make it more relevant to you – just like with our catalogue scenarios. Let’s not forget the human in the loop As with all things AI, we recommend that you review the AI output before publishing your scenario, to ensure it meets your needs. The AI Scenario Generator currently only generates text content, so you’ll probably want to add additional rich media, such as images or videos, to your scenario. To get the most out of your crisis simulation, we also recommend enabling, adding, changing, and checking certain elements. These include: Checking that you’re happy with the text formatting and narrative content Checking that you’re satisfied with the role listed Enabling and adding response feedback or performance indicators If you want to capture ranked response data, select the ranked options setting and add a rank (great, good, weak, okay) to each response option to suit your organisation's preferred situational response Turning on response confidence or justifications Get involved and share your thoughts! We know that AI is a hot topic and we’re keen to hear and capture your feedback and suggestions on this first release of our AI Scenario Generator as part of our user research taking place this November and December. If you want to participate in this research, you’ll be able to share your thoughts and experiences of using our AI tool and scenario creation more generally directly with our team. Comment below if you’d like to find out more, and we’ll contact you with further details! If you’re an Immersive Labs customer, you can find out more about the AI Scenario Generator in our FAQ guide.Christmas Tree-Son🎄Virtual Crisis Simulation
This event has now ended. You can watch the recording here. --- Tis the Season to be jolly... but not so fast! The North Pole, a beacon of holiday cheer, faces a cybersecurity storm that threatens to derail preparations for the holiday season and expose its deepest secrets. A disgruntled elf has turned whistleblower, leaking confidential data and casting a shadow over Santa's operations. Can you navigate the chaos, protect the integrity of Christmas, and safeguard the spirit of the season? A Festive Cyber Thriller: Immerse yourself in a unique and engaging crisis scenario set against the backdrop of the North Pole. Real-World Challenges: Tackle realistic crisis and cybersecurity threats and dilemmas inspired by current events and industry concerns. Ethical Dilemmas: Face tough choices that test your crisis management principles and challenge your decision-making skills. Learning and Fun: Gain valuable insights into crisis management and cybersecurity while enjoying the festive spirit.#LoveHacked Virtual Crisis Sim LIVE
This event has now ended. You can watch the recording here. ------------------------------------------------------------------------------------------------- Don't Let Your Valentine's Day Go Viral... for the Wrong Reasons! Roses are red, violets are blue, but what happens when Cupid's arrow delivers a cyberattack, too? This Valentine's Day put your crisis response skills to the test with our virtual crisis simulation, #LoveHacked. Experience the chaos of a QR code phishing attack. Make critical decisions under pressure to protect your reputation and key stakeholders. Learn how to navigate the golden hour of a digital crisis.Learning Outcomes Don't get caught unprepared! Sign up now for #LoveHacked and ensure your Valentine's Day is filled with love, not losses.A Step-by-Step Guide to Hosting Your Own Hacktober Event
Organizing engaging, informative, and enjoyable cybersecurity events like Swisscom's Hacktober event doesn't have to be daunting. With strategic groundwork and relevant, interactive challenges, you can create a cybersecurity event that is both fun and educational. Are you considering hosting a similar cybersecurity event? This blog provides a step-by-step guide to creating an impactful event, resulting in a more skilled and prepared workforce.Mastering Crisis Sim: How We Got 25 Execs on the Edge of Their Seats
Let's start with the requirements. In this case, they were clear: 1) To have a fully customised exercise focusing on payment risks and cyber threats like fraud, ransomware, and cash-outs. This is the domain expertise of Mastercard, who had no issues creating this in the Immersive platform with our review and guidance. 2) To deliver this on-site in front of 25 senior execs (including the CEO, CTO, CISO, CFO, and numerous heads of departments). It’s definitely not easy getting this many board members together in one room, so we had to make the first best impression! What did we do, and why was it a success? The stakeholders told us that they’d run tabletop exercises before, so this wasn’t new to them. So, how did we turn what they expected to be a routine drill into an edge-of-the-seat experience? What made our approach unique? Realistic AI-generated videos The amazing Crisis Sim content creation team at Immersive Labs used generative AI to create highly realistic videos that felt as though they were straight from a Pakistani news channel. Mastercard provided us with a few scripts and ideas that helped bring the AI videos to life. AI video of a news reporter tailored to resemble the Pakistani news channel. AI video of a news reporter tailored to resemble the Pakistani news channel. Why did the execs jump out of their seats? That’s because we included the following in the videos: Footage of their building on the news and customer dissatisfaction over cyberattack repercussions. News reporters with local accents and dress styles mentioning the bank and stakeholders, and unhappy Tweets flooding social media. A video of their CEO, not his real face of course, but we used his name when it came to an inject where the stakeholders voted for ‘releasing a press statement to the public’. They even specifically asked us to ensure none of these videos leaked! But each video included the message “Exercise use only – not based on real events”. AI video of the CEO giving a press conference. Collaboration This success was a team effort. Getting any presentation done right, especially in person, requires planning and knowing your audience. This is where Mastercard brought their expertise to create and tailor the Crisis Sim exercise while we supported with our guidance and previous customer experience knowledge. Our roles, tasks, and responsibilities were clear. Top tip: If you’re planning an exercise, collaborate with others for ideas and support. Double act presentation Presenting as a team made all the difference. Mastercard’s expertise in engaging senior execs helped animate the session and avoid awkward silences, while I focused on facilitating the exercise. Doing this alone can be tricky – I’ve personally struggled with awkward silences during solo Crisis Sim sessions while juggling scenario questions, multiple responses, feedback, and facilitation all at once. Sharing the load was crucial, especially in a U-shaped room where I couldn’t easily move around. In this case, I didn’t need to worry about moving away from my laptop, leaving the close-up engagement completely for Mastercard to lead on. Image example of the U-shaped conference room this took place in. The feedback The feedback was overwhelmingly positive – they said it was their first experience with such a tabletop exercise, a stark contrast to their initial expectations. The AI videos sparked significant interest and curiosity. The collaboration between Mastercard and Immersive Labs successfully delivered an educational, engaging, and tailored exercise. The bank expressed interest in running a wider crisis drill in 2025 with multiple banks. So look forward to hearing about that in the future! Finding AI video scenarios in our Crisis Sim Catalogue If you clicked on any of the AI images above thinking it was a video, I’d like to apologise. They were just screenshots as the actual videos included sensitive, bank-specific details like names and locations that we can’t share externally. If you’d like to explore AI video scenarios in our Crisis Sim platform, check out titles like: Boardroom Betrayal: When Deepfakes Strike the Top Puppetmaster’s Revenge The Walls Have Ears – Part One The Walls Have Ears – Part TwoWhen the Lights Went Out at Heathrow: A Crisis That Was Never Meant to Be “Won”
In the early hours of March 21, 2025, a fire broke out at the North Hyde electrical substation in West London, just a few miles from Heathrow Airport. Within hours, a local infrastructure incident had triggered widespread disruption across the global aviation ecosystem. Flights were grounded, operations were halted, passengers were stranded, and local residents were left without power. Suddenly, one of the most connected airports in the world found itself completely disconnected. This wasn’t just a power failure, it was a systems failure. The fire itself was severe yet containable, but what unfolded afterward exposed far deeper vulnerabilities. It has since been claimed that Heathrow had “enough power” from other substations, which now raises difficult but fair questions: If there was enough power, why shut the airport down completely? If there wasn’t, why wasn’t the site resilient enough to handle a failure like this? And most importantly, how did one single point of failure have this much impact on such a critical national and international asset? These are the questions that will dominate the post-crisis scrutiny, but while many rush to applaud or condemn, I think the truth lies somewhere more uncomfortable. Crisis leadership isn’t about perfect outcomes Crisis response is never clean. It’s messy, fast-moving and incomplete. You make decisions with partial data, under pressure, in real time. And in the majority of cases, you choose between bad and worse – which is exactly what Heathrow’s leadership team faced: Compromised infrastructure Uncertainty about the integrity of power and systems Thousands of passengers on site and mid-flight en route to the airport Global operations and supply chain at risk The common response is, “we need to tackle all of these problems” – and rightly so – but what people often forget is that in a crisis, you don’t have the resources, time, or information to tackle everything at once. Heathrow's leadership chose safety and containment, and in just under 24 hours, they were back online again. That’s impressive. That’s recovery under pressure, and that’s business continuity in action. But it doesn’t mean everything was done right, and it certainly doesn’t mean we shouldn’t ask hard questions. “Enough power” means nothing without operational continuity Having backup power doesn’t mean having functional operations. Power alone doesn’t run an airport – systems, processes, and people do. If the backup didn’t maintain critical systems like baggage handling, communications, lighting, or security, then the airport was right to shut down. However, the next question is, why didn’t those systems have their own layers of protection, and where was the true resilience? This leads us to the real issue: this wasn’t just about Heathrow, it was about the entire ecosystem. Resilience isn’t just a plan – it’s a whole system of dependencies The recent disruption is a real reminder that resilience doesn’t just live inside an organization. It lives across every partner, vendor, and hidden dependency. In critical services like aviation, the biggest vulnerabilities are often outside the walls of your own operation. There’s a web of partners involved in keeping an airport running: Power providers Facilities management IT and communications vendors Outsourced security Maintenance crews Air traffic systems Second and third-tier subcontractors Many of these providers sit outside the organization’s direct control, yet their failures become your crisis in an instant. True resilience requires more than internal readiness, it demands visibility across the whole supply and vendor chain, coordination protocols with external stakeholders, and clear ownership of critical functions. When something breaks in the background, you won’t have time to figure out who’s responsible; you’ll only care about who can fix it. So identifying and (most importantly) testing and exercising your supply chain is paramount. This wasn’t a “winnable” crisis – and that’s the point I’ll discuss this concept further in my upcoming webinar, The Unwinnable Crisis: How to Create Exercises That Prepare Teams for Real-World Uncertainty, but the Heathrow disruption is a perfect case study. This was never going to be a clean “win.” No plan could have delivered a flawless response, and no leader could have avoided disruption entirely. Instead, this crisis asked a different question: When everything seems to be falling apart, can you contain the damage, protect your people, and recover quickly? That’s the real test. It’s what separates the theoretical resilience plans from the operational reality. Heathrow passed parts of that test, but the system around it has questions to answer, and every other organization watching should be asking the same thing: “How many hidden dependencies are we one substation, one outage, one contractor failure away from exposing?” The next crisis may not give you a warning, and it certainly won’t give you time to figure out who’s holding it all together. Crisis leadership isn’t about perfection; it’s about being ready for the moment when no perfect option exists. The question now is, what did it reveal that we can’t afford to ignore? Ready to prepare for true crisis readiness? Join me for the upcoming community webinar, The Unwinnable Crisis: How to Create Exercises That Prepare Teams for Real-World Uncertainty on April 11. We’ll explore what true crisis readiness looks like and how you prepare your team to lead when there is no “win” – only choices.
