44CON.xi Cyber Crisis – Threat Condition

Join us on 23-24 September 2021 to attend a few short and focussed talks.

Choose between these options:

♦ attend lunchtime talks: free of charge but you need to register so we can send you the link to attend

♦ support us and add a tshirt and/or a hoodie (shipped after the event – shipping included)


This product is currently out of stock and unavailable.

SKU: 2021-TC-1 Categories: , Tags: , , , , ,

Thursday 23 September

Start Time End Time  
12:20 12:30 Introduction
12:30 13:00 Talk – Nick Selby – The Anti-Checklist Manifesto
13:00 13:30 Talk – Ken Munro – Aviation Security 101

Friday 24 September

Start Time End Time  
12:30 13:00 Talk – Andrew Tierney – Intro to IoT hacking
13:00 13:30 Talk – April C Wright – Supply Chain Unchained: How To Be A Bad SaaS

Choose between these options:

♦ attend lunchtime talks: free of charge but you need to register so we can send you the link to attend

♦ support us and add a tshirt and/or a hoodie (shipped after the event – shipping included)

Read more

T-shirts and hoodies will be shipped after the event, shipping is included in the cost. The t-shirts are Gildan 100% cotton. The light hoodies are 80% cotton, 20% polyester, weight 280 gsm. The heavier hoodies are 80% organic cotton and 20% recycled polyester, weight 320 gsm.  

The Threat Condition game has been cancelled.

The best time to learn about how you will act in a crisis is not when your first crisis happens.

44CON is launching a new series: the “Threat Condition” Cyber Crisis Game is two days of lunchtime briefings, followed by two afternoons of cyber incident game for up to 60 players in an online environment to allow people to connect. THREAT CONDITION is a cyber security crisis game that highlights the internal and external communication aspects of a reputationally damaging cyber attack. This interactive environment simulates the problems and issues of cyber security and the consequent organisational and communication challenges. The game is played by teams of players interacting dynamically as they collectively consider what to do about an emerging crisis based on an amalgam of real-world case studies. Players look at how an organisation’s information systems are structured, its policy options and practices for cyber security, then the game allows the participants to play through their options and the consequences of those decisions. Intercommunication between teams of players is a major part of the gameplay and it generates opportunities for participants to gain insights into their own organisational practices and policies and to rehearse responses to a crisis under time pressure. Click here to check the schedule.

Q & A


23-24 September 2021

“How long will the game last?”

There will be two runs – over two afternoons – of 4 hours of real world time each. There will be a 30 minutes plenary briefing before the first run and a 30 minutes debrief after each run.


The game will be played on Discord, so you will need access to it and an account.

“Which team roles will be available?”

Teams in the game will include:

    • Incident Coordination
    • CISO
    • Finance
    • Media Relations & Internal Communications team
    • Legal & HR
    • Technology Delivery & Operations
    • Detect & Response

“I want to enter as an individual.”

No problem.  Purchase a ticket in 44CON’s shop and indicate your role preference(s).

Maybe choose to experience it from a different role to the one you currently hold and gain a new perspective. Hopefully we will be able to give you your preferred choice, but this may not always be possible and roles will be assigned by the organisers.

“I want to enter a team.”

The game is perfectly suited as a team bonding or assessment exercise. Teams are composed of 4–6 members. Please contact us at registration@44CON.com to register your team and obtain an invoice for the team entry.

“How do we operate with a team? Who is the CISO/attacker/marketing etc? Do we work together in the same virtual room or are we split?”

Each team considers their actions and allocation of team resources as a group, but then also engages with other teams and incident coordinators to agree joint activity, where needed. Team activity is facilitated by a Control Team who guide the team and provide adjudication where necessary.

“How do we know who wins?”

In this sort of game there is no ‘winner’ as such – each team is given objectives and invited to consider how well they did in achieving those objectives.  The point of the game is to experience the challenges of crisis management – this is primarily a ‘safe to fail environment’ and an opportunity to gain insights.

“I’ve never played this sort of game before, will I be totally lost?”

This game is designed to be accessible to those unfamiliar with games, and in fact will be novel even to those experienced in playing things like board or computer games.  And there are no complicated rules to learn!