Kaspersky has updated its Interactive Protection Simulation platform as cyber incidents increasingly target industrial firms, government and financial institutions, according to the company’s own incident response data.
Kaspersky has expanded its Interactive Protection Simulation (Kips) platform with new scenarios designed to reflect how cyberattacks are now unfolding across industries, including IT, banking and large corporates.
The update comes as Kaspersky Incident Response data shows industrial companies were the most targeted sector in 2024, accounting for 23.5% of response requests, followed by government institutions at 16.3%, financial services at 13.3%, and IT companies at 7.2%.
The platform is used to simulate cyber incidents and test how executives, IT teams and security staff respond to live attack scenarios, allowing organisations to assess coordination, decision-making and operational risk under pressure.
IT sector added to the platform
Kaspersky has added a new scenario aimed at IT companies, focusing on the complexity of modern enterprise networks and supply chains.
The simulation includes scenarios such as deepfake impersonation of senior executives, supply chain backdoors and attacks delivered through trusted third-party partners.
These are designed to replicate how attackers now gain access to corporate systems through compromised vendors and social engineering rather than direct technical intrusion alone.
The IT scenario also examines how delays in security testing and weak coordination between technical and business teams can lead to financial and operational exposure.
Banking simulations reflect ransomware and ATM attacks
The banking scenario has also been updated to reflect the types of attacks currently affecting financial institutions.
Participants face simulated ransomware operations similar to LockBit, attacks associated with the ExCobalt group, ATM malware such as Cutlet Maker and supply chain compromises.
The focus is on how financial institutions respond to incidents that can affect payment systems, customer data and regulatory compliance.
The exercise places teams under time pressure, forcing them to balance system recovery, customer communication and fraud prevention.
Corporate scenario focuses on business-wide impact
Kaspersky has also refreshed its corporate scenario to show how cyber incidents affect the wider organisation beyond IT.
The updated version includes attacks such as Text4Shell vulnerabilities, ransomware, insider threats and supplier-based breaches. It is designed to test how legal, communications, executive and technical teams coordinate during incidents that carry financial, legal and reputational risk.
The scenario reflects how poor communication between departments can increase losses even when the technical response is effective.
Training based on incident response data
According to Kaspersky, the scenarios are built using patterns observed in real investigations handled by its incident response teams, with the aim of reflecting how modern cyber incidents unfold in practice.
The company said the simulations are used to test how organisations allocate resources, communicate internally and make decisions when systems and data are under threat.
