D-Day Fortitude:

The cyber attack simulation at your premises!


Overview - Origins - The documentary - D-DAY FORTITUDE in action - Objectives - Book a simulation/Request - Q/A

Test your crisis management team

under conditions close to a real cyber event.

D-Day Fortitude is a cyber crisis simulation which provide an immersive and interactive approach!


Test and improve the skills of teams responsible for managing crises triggered by cyberattacks.

Testimonial
CEO:D-Day Fortitude provided us with an unparalleled simulation, revealing both our strengths and areas for improvement in the face of cyber threats.

CISO: D-Day Fortitude showed us the challenge of making real-time decisions with limited information, strengthening our ability to prioritize, collaborate, and act under pressure.

The Origins of D-Day Fortitude: Inspired by Military Strategy, Designed for Cyber Resilience

The D-Day Fortitude exercise draws its roots from military training principles, where anticipating the worst-case scenario ensures optimal preparation.

Why this approach?

  • Anticipate the unexpected → Confront realistic cyber crises and identify weaknesses.

  • Train under pressure → Push teams to react in high-stress environments.

  • Develop resilience → Build strong, structured, and proven response strategies.

    About the Creator:

    D-Day Fortitude is designed by Jérôme Jacob, the visionary behind ROOM#42, Europe's leading cyberattack simulation environment. With over 200 cyber crisis exercises conducted, his methodology ensures impactful learning and actionable strategies.

    • Experience the concept in under 4 minutes with a dynamic video!

    WATCH THE DOCUMENTARY

    D-DAY FORTITUDE in Action

    Agenda of the Day

    On-site at your company premises – An immersive experience in your real working environment for maximum impact.

    09:00 - 12:00 | Live Cyber Crisis Simulation

    • A realistic cyberattack scenario, customized to your industry and organization.
    • Participants are plunged into a high-intensity crisis situation, facing real-time challenges and evolving threats.
    • Critical decision-making under pressure, requiring collaboration across different roles.

    13:00 - 16:00 | Debriefing and Analysis

    • Detailed review of decisions made and their consequences.
    • Discussion on strengths, areas for improvement, and key takeaways.
    • Guideline : How to survive.

    A Collaborative and Strategic Exercise

    Participants: 5 to 10 people, with diverse profiles:

    • Executives and strategic decision-makers (CEO, CISO, CITO, etc.)
    • Operational teams (HR, Communications, IT, Customer Service, Legal, etc.)
    • External service providers and partners can also be involved to assess ecosystem interactions.

    A Comprehensive Report for Continuous Improvement

    Several days later, participants receive a detailed report including:

    • Strength analysis and key best practices identified.
    • A tailored action plan to enhance cyber crisis preparedness and response.
    • Concrete recommendations to improve coordination and resilience

    Modes of Execution: Black Box or White Box?

    → Black Box: The ultimate surprise test.

    • The exercise is launched without prior notice to the crisis management team.
    • Only the CISO is aware of the date.
    • The team must react in real-time with the personnel available at that moment.

    → White Box: Planned and structured.

    • The crisis management team is informed in advance.
    • The team has time to prepare mentally and strategically.

    Levels of Support: Guided or Autonomous?

    → Guided Exercise: Supervised training for optimized learning.

    • A Crisis Exercise Director supports the team in applying best practices.
    • Strategic corrections and redirections are provided when necessary.
    • Ideal for teams new to crisis management or seeking structured learning.

    → Autonomous Exercise: Full crisis immersion.

    • The crisis management team operates independently.
    • No external guidance—the team is responsible for its own coordination, decision-making, and response.
    • Ideal for mature teams wanting to test their real-world response capabilities.

    Challenge Levels: Tailored to Your Maturity

    → Initial Level: 🟢

    • Designed for organizations with no structured crisis management procedures
    • First step toward establishing crisis protocols.
    • The focus is on basic team coordination and foundational decision-making.

    → Intermediate Level: 🟡

    • The organization has crisis procedures in place but wants to test their applicability.
    • A realistic scenario puts existing protocols to the test.
    • Objective: Validate internal procedures and optimize their effectiveness.

    → Advanced Level: 🔴

    • Elite-level crisis simulation.
    • Designed for teams with prior crisis management experience
    • Extreme conditions push teams to their limits under high-pressure situations.

    Tailored Scenarios: Your Industry, Your Challenges

    D-Day Fortitude adapts to your organization's environment, ensuring maximum relevance and immersion. Scenarios are designed for:

    • Finance & Banking – Cyber fraud, ransomware, financial data breaches.
    • Public Sector – Government infrastructure attacks, information leaks.
    • Transportation & Logistics – System disruptions, supply chain threats.
    • Media & Communication – Fake news manipulation, mass phishing.
    • Construction & Infrastructure – Smart-building cybersecurity threats.
    • Industry & Manufacturing – Industrial control system (ICS) cyberattacks.

    Why Participate in D-Day Fortitude?

    With D-Day Fortitude, prepare for the unpredictable and turn every crisis into a learning opportunity.

    • Test and improve cyber crisis management in real-world conditions.
    • Identify organizational weaknesses and strengthen internal processes.
    • Develop fast and effective decision-making under pressure.
    • Develop concrete strategies to improve resilience.
    • Recommendations to enhance compliance with NIS2 and DORA regulations.

    Ready to Book Your D-Day Fortitude Session?

    To get started, simply send us an email with the following details:

    • Your Organization’s Name
    • Contact Person
    • Preferred Date
    • Phone Number
    • Email

    SEND YOUR REQUEST NOW

    Prepare your team for the ultimate cyber crisis simulation

    Questions/Answers on the D-Day Fortitude Exercise by Cyber|Eon with Jérôme Jacob

    Why did you design the D-Day Fortitude exercise?

    The Cyber D-Day Fortitude exercise was born out of a simple observation: in the cyber domain, crisis management relies heavily on the ability to navigate through uncertainty. Lack of information, loss of time control, and unforeseen events create a "crisis fog" that teams must be prepared to face. The goal is to anticipate the unpredictable and transform theoretical knowledge into operational skills, even in degraded contexts.

    What are the main objectives of D-Day Fortitude?

    1️⃣ Encourage strategic thinking through key questions such as: "What if…?"

    2️⃣ Simulate a complex environment where participants must manage the unexpected.

    3️⃣ Test response or management options without fear of real-world consequences.

    4️⃣ Explore and leverage friction, meaning everything that could go wrong in a plan, to strengthen team capabilities.

    What are the key features of a D-Day Fortitude exercise?

    Realistic simulation: Provide a controlled, immersive environment that closely mirrors real-world conditions for optimal training.

    Threat anticipation: Identify potential vulnerabilities and develop appropriate responses.

    Improved decision-making: Enable teams to practice decision-making under pressure, a critical skill during crises.

    Enhanced coordination: Foster communication and collaboration between different units for greater operational effectiveness.

    Why include uncertainty in these exercises?

    As Clausewitz famously said, "war is the domain of uncertainty." In the case of cyberattacks, this uncertainty manifests through incomplete information and unexpected variables. “D-Day Fortitude” exercises replicate this reality to teach teams how to anticipate and adapt, better preparing them for real-world crises.

    How do these exercises contribute to cyber crisis management?

    1️⃣ It keeps crisis management teams operationally ready.

    2️⃣ It identifies ineffective procedures and creates decision-making pathways to save time on D-Day Fortitude.

    3️⃣ It helps organizations understand their future cybersecurity needs and better manage risks by reducing uncertainty.

    What is the added value for participants?

    Each participant acts as both a receiver and sender of messages, strengthening their skills in communication, coordination, and handling pressure. This practical learning experience enables them to reduce uncertainty in risk-taking and build stronger organizational resilience.

    How is this exercise a forward-looking tool?

    D-Day Fortitude is not just about preparing for current crises. It is also a strategic tool to anticipate future challenges by testing strategies and procedures under simulated, but realistic, conditions. This helps organizations adapt to the evolving landscape of cyber threats.

    In conclusion, what does D-Day Fortitude achieve?

    D-Day Fortitude enables teams to better prepare for future crises by testing and improving their responses. The exercise highlights weaknesses in existing procedures and optimizes processes, ensuring time-saving and greater operational efficiency during real crises.