Training Companies to Handle a Hack

Despite billions of dollars invested in antihacking technology over the past 10 years, companies appear to have little idea of how to respond to a cyber attack. When Target was hacked during the busy 2013 Christmas season, investigators found the company had missed early warnings that might have prevented the loss of data belonging to 70 million customers. When the news came out, lawsuits were filed, and Chief Executive Officer Gregg Steinhafel resigned. Sony Pictures Entertainment’s fumbling response a year later to North Korean hackers turned a bad situation into a terrible one, costing Amy Pascal, one of the most powerful women in Hollywood, her job as co-chairman.

IBM, which has spent five years buying companies to make itself the world's third-largest cybersecurity provider, wants to train corporate security teams, CEOs, and PR departments to handle those kinds of crises. Shortly after Election Day, the company unveiled a facility that combines gaming techniques and millions of dollars of sophisticated hardware to re-create scenarios like Target’s and Sony’s in white-knuckle, stock-plunging detail.