ESCIM is an online platform designed to develop tabletop exercises in industrial cybersecurity, helping organizations model and present high-impact cyber incident scenarios.

Its purpose is to conduct cyber exercises that allow reviewing cybersecurity controls, evaluating the effectiveness of existing processes and procedures, and testing coordination and communication between different areas of the organization. With this, ESCIM helps anticipate and prepare for cyber incidents affecting OT environments.

The platform allows analyzing different types of incidents that could affect a specific sector or automated process, thanks to its integration with MITRE ATT&CK matrices, both in Enterprise and ICS versions. It also provides a structured framework to study incident preparation, identification, containment and recovery phases, aligned with the incident lifecycle defined by the NIST framework.

ESCIM can be considered a training and awareness tool. Through the TableTop desktop simulation methodology, it allows involving critical organizational roles to facilitate understanding of interactions between areas, communication flow, and detection of deviations in key processes. It enables documenting lessons learned and contributing to compliance with NIS2 regulatory requirements.

Finally, ESCIM is a versatile platform: applicable to both theoretical scenarios and real cases, and always oriented towards obtaining useful learnings that support decision-making and improve the resilience of industrial organizations.

• It's completely online
• Import projects and maps created with your RECIN account.
• No sensitive information required at any time.
• Customize the company profile based on identified control and management measures.
• You can associate tactics and techniques used by the attacker according to MITRE ATT&CK Matrices both Enterprise and ICS.
• Identify key moments, help questions, expected answers and injections for each phase.
• Identify and build the communication map based on the roles that should participate at each moment.
• Present the scenario, moments, communications between involved roles, injections and help questions to guide the exercise efficiently and in an organized way.
• Document lessons learned from each phase, and general ones from the entire exercise on the same platform.
• Generate a very complete exercise report with the incident timeline, analysis of the effectiveness of control and management measures of the organization regarding the tactics used, roles interacting at each moment of the analyzed incident and much more...

A platform designed for easy and accessible use by:

• Any professional in the Industrial and Cybersecurity environment: CISOs, ICSOs, industrial cybersecurity analysts, consultants, solution providers...
• Industrial Cybersecurity teachers.
• Students and Industrial Cybersecurity enthusiasts.

All of them will find in ESCIM the perfect ally for their work.