Cyber-attacks can have a significant impact on the most critical services which society relies on, and it is vital cybersecurity teams are prepared to respond when it happens.

In Spring 2025, UK retailers Co-op and Marks & Spencer were both hit by ransomware attacks, highlighting cyber incidents directly impact the general public, as well as the orgnaizations themselves. 

Shelves were left empty and system outages meant that in some instances, customers couldn’t pay for items which were in stock. The cyber-attacks cost both retailers hundreds of millions of pounds and were the work of Scattered Spider and ‘The Com’ hacking groups . 

Most ransomware groups are in it for money, but these cybercriminals appear to also focus on the notoriety and disruption they can cause. That destructive hedonism can create a whole new threat which organizations have defend against.

Enter the War Room

It’s with this in mind that on Wednesday June 3, Semperis is bringing Enter the War Room: A Tabletop Experience to Infosecurity Europe 2026.

The experience is an immersive 90-minute red team vs blue team tabletop exercise that drops participants into a simulation of a fast-moving, multi-stage cyber-attack against a large supermarket called ‘BlueCart’.

While BlueCart isn’t a real retailer, the scenario is inspired by real-life events, like the cyber-attacks against UK retailers.

“Retail is a target and everybody knows that. Often, they will pay a ransom because they want to get back running quickly. That’s why retail is often a strong target,”  Guido Grillenmeier, principal technologist at Semperis told Infosecurity.

“BlueCart is going to undergo similar attacks like real retailers have faced. We came up with the idea here that we have a modern company that is utilizing a new AI system for its supply chain management. And it has just announced that it is going live, which has got the attention of the bad guys”

Participants in the tabletop exercise will work alongside reformed hackers and defenders from the UK government, law enforcement and the private sector. Teams will stress-test detection, decision-making, cross-functional communication and executive escalation under pressure.

While the event is a roleplaying simulation and won’t involve real hacking, it will provide cybersecurity professionals with the experience of what it is like to work in a realistic, high-impact environment. Those taking part will have the opportunity to identify exposed blind spots and sharpen crisis playbooks for their own organizations.

Visitors to Infosecurity Europe 2026 can sign up to take part in Enter the War Room: A Tabletop Experience here.

“It gets people to think about the things that you do need to consider regardless of whether you are under attack or if you are just preparing for it,” said Grillenmeier.

“And everything you hear, everything you work on in the tabletop, you can reflect that to your own environment think about how it would have turned out in your own network.”

Semperis will be at Infosecurity Europe at booth #B118. Courtney Guss, Semperis Director of Crisis Management, will be speaking on Compliance at the Speed of a Crisis: A Practical Framework and Approach to Meeting Global Regulatory Requirements under Pressure on the Cyber Strategies Stage at 10:35 on Tuesday 2 June.

Semperis will also be hosting a panel session, The Importance of Human Resilience During Cyber War: Inside the Making of ‘Midnight in the War Room', at 16:30 on the Resilience and Cyber Risk stage on Tuesday 2 June.